Why this matters now
The breach, first brought to light in early August reporting, is believed to have touched courts in multiple states and exposed sealed materials—exactly the kind of non-public information that can upend prosecutions, tip off targets, or endanger cooperators if it’s altered or leaked. Policymakers were quietly briefed in late July; follow-up classified briefings are planned.
On Tuesday, additional reporting indicated investigators have developed evidence suggesting Russia is at least partly responsible—while stressing the full scope and authorship remain under investigation. In the wake of those findings, the Eastern District of New York directed that sealed materials in criminal matters not be filed through CM/ECF and use a separate, non-public pathway; other courts have issued similar changes or reverted to paper for sealed filings.
The attack surface: aging systems under strain
Long-standing warnings about the judiciary’s legacy technology now read like prophecy. In June testimony to the House Judiciary Subcommittee, Judge Michael Y. Scudder—who chairs the Judicial Conference’s Committee on Information Technology—told lawmakers that the judiciary “continues to face unrelenting security threats of extraordinary gravity” and confirmed that CM/ECF and PACER are “outdated, unsustainable due to cyber risks, and require replacement.” He added that court defenses blocked “approximately 200 million harmful events” in FY 2024. House Documents
The AO’s public statement strikes a similar tone: while most court filings are public by design, a subset contains sealed indictments, search warrants, cooperator information, and other confidential records that are prime targets for a wide range of threat actors. The judiciary says it is working with DOJ, DHS/CISA, and Congress while tightening controls around sensitive filings. United States Courts
