DOJ says 27 US Attorneys’ Offices were breached in 2020 SolarWinds cyberattack

In late December, it was discovered that suspected Russian hackers had used an information technology platform known as SolarWinds Orion to infiltrate and spy on thousands of computer systems for both private sector companies and government agencies in the U.S.

According to The Hill, the U.S. Department of Justice (DOJ) has announced that among the targets of the attack were no fewer than 27 different U.S. Attorneys’ Offices across the nation.

The Hill noted that, in all, at least per current estimates, some 18,000 customers utilizing the platform had been compromised, including at least 100 different private sector companies and at least nine different federal agencies.

A major breach

The Justice Department’s announcement came via a statement Friday that included a list of the more than two dozen federal prosecutors’ offices that had been breached by the hacking campaign, which was believed to have begun in May 2020 and continued until it was discovered in late December, at which point the infiltration point was eliminated.

The 27 different attorneys’ offices were scattered across 15 states and the District of Columbia, with multiple districts being hit in certain states, including California, Florida, New York, Pennsylvania, Texas, and Virginia.

In its statement, the DOJ suggested that while all of those offices were impacted to some degree, it looked as though the four offices in New York were the hardest hit; the email accounts of at least 80% of the employees in each of those districts were reportedly compromised.

And while it remains unclear exactly how much information may actually have been stolen or viewed by the hackers during the breach — and particularly whether that included classified material — the DOJ update noted that the “compromised data included all sent, received, and stored emails and attachments found within those accounts during that time.”

More sanctions coming?

The Associated Press reports that President Joe Biden’s administration has been clear that it blames the Russian government for the SolarWinds hack and has sought retribution, at least to an extent.

Despite Russia denying any involvement or wrongdoing, the Biden administration levied new and strengthened economic sanctions on Russia in April, and expelled a number of Russian diplomats believed to be linked to that nation’s intelligence services.

“We will continue to hold Russia accountable for its malicious cyber activities, such as the SolarWinds incident, by using all available policy and authorities,” the White House said in a fact sheet released at that time.

That fact sheet also formally named Russia’s Foreign Intelligence Service (SVR) as the culprit behind the cyber intrusion and labeled the attack as nothing less than a “national security and public safety concern.”

The April release from the White House also seemed to consider further punitive actions against Russia in response to the SolarWinds attack. Only time will tell whether the latest development prompts Biden to turn that threat into action.
