The Justice Department and the federal court system now say they were hit by the SolarWinds hack. In a statement, the Justice Department said it discovered the hack on Dec. 24, nine days after the massive hack campaign came to light.
Justice Department reveals it was hit by hack
The DoJ said the breach was linked to the incident involving SolarWinds, which affected a long list of federal agencies. The Justice Department also said the hack allowed the perpetrators to gain access to its Microsoft Office 365 email system.
The hackers were able to read emails sent to or from about 3% of the DoJ's users. It has about 100,000 employees, according to Ars Technica. The DoJ said it doesn't have any indication that any of its classified systems were breached in the attack.
After learning about the breach, the Office of the Chief Information Officer closed the hole believed to have been made by the hack of SolarWinds' systems. The DoJ ruled that the hack constitutes a "major incident under the Federal Information Security Modernization Act." The agency is taking steps based on that determination.
According to Fox News, the federal court system issued a separate statement revealing that it was investigating an "apparent compromise" of its case management and electronic case file system. The Department of Homeland Security is looking into the breach, which involved sealed court filings. The hack was national in scale, although it wasn't clear just how widespread it was. Sealed court files could contain details about national security, wiretap transcripts, trade secrets, the names of confidential informants in criminal cases and other sensitive information.
Russia accused of being behind the breach
On Tuesday, federal intelligence agencies and law enforcement officially accused Russia of being behind the SolarWinds hack. SolarWinds is a software company whose products and services are used by many tech companies and government agencies. A breach of SolarWinds' system led to vulnerabilities for its customers.
Many federal agencies, including the Commerce Department and Treasury Department, were breached via the SolarWinds hack. Experts told Fox News that the vulnerabilities were open for months before they were discovered, giving foreign agents plenty of time to collect data that could damage U.S. national security.
However, it's still unclear just what information was being sought. The hackers seeded about 18,000 organizations with malicious code that piggybacked on SolarWinds' network management software. Investigators believe only a relative handful were actually compromised. The statement issued on Tuesday said no more than 10 federal government agencies were hacked.