SolarWinds hackers nailed federal prosecutors’ offices, Department of Justice says
Hackers hit the offices of top US federal prosecutors nationwide last December, breaking in to email accounts, the Department of Justice said Friday. As part of the SolarWinds hack, attackers accessed accounts at nearly 30 US Attorneys’ offices, including offices in Washington, DC; New York and California, the DOJ said.
The department had revealed in January that its Microsoft O365 email environment had been breached, but it hadn’t provided the information about the US Attorneys.
“The Department of Justice understands that when victims make information public about the nature and scope of computer intrusions they suffered, others can use that information to prepare themselves for the next threat,” the DOJ said in a statement Friday. “To encourage transparency and strengthen homeland resilience, today we are providing additional details about the SolarWinds intrusion in December 2020.”
The DOJ said at least one employee account had been accessed at 27 offices from the West Coast to the East. It said at least 80% of employees at the US Attorneys’ offices in the Eastern, Northern, Southern and Western Districts of New York had seen their accounts breached, with other districts “impacted to a lesser degree.”
The hackers are thought to have had access to breached accounts from about May 7 to Dec. 27 of last year, the DOJ said, adding that exposed data included sent, received and stored emails as well as attachments. The agency said in January that it had plugged the breach.
“The Department’s objective continues to be mitigating the operational, security, and privacy risks caused by the incident,” the DOJ said in its Friday statement.
The SolarWinds hack, which US intelligence agencies say likely originated in Russia, hit customers of IT software provider SolarWinds, including a number of private businesses and federal agencies. Victims included high-level officials at the Department of Homeland Security, showing that not even the government agency in charge of defending the US from foreign hacking attacks was immune.
In April, US President Joe Biden signed an executive order imposing a range of retaliatory measures against Russia. Russia, meanwhile, denied involvement in the hack. In May, Biden signed an executive order aimed at improving US cybersecurity defenses.
The DOJ listed the following US Attorneys’ offices as having been hit by the email breaches:
— Central District of California
— Northern District of California
— District of Columbia
— Northern District of Florida
— Middle District of Florida
— Southern District of Florida
— Northern District of Georgia
— District of Kansas
— District of Maryland
— District of Montana
— District of Nevada
— District of New Jersey
— Eastern District of New York
— Northern District of New York
— Southern District of New York
— Western District of New York
— Eastern District of North Carolina
— Eastern District of Pennsylvania
— Middle District of Pennsylvania
— Western District of Pennsylvania
— Northern District of Texas
— Southern District of Texas
— Western District of Texas
— District of Vermont
— Eastern District of Virginia
— Western District of Virginia
— Western District of Washington
CNET’s Laura Hautala contributed to this report.