Hackers Supported By Russian Government Allegedly Behind Hacking US Federal Court Systems

Illustration of a US federal court (photo: x @Law360)

According to a report by The New York Times on August 12, 2025, the Russian government is suspected of being behind a data breach attacking the United States federal court document filing system known as PACER.

Citing an anonymous source, the newspaper stated that Russia was "at least partly responsible" for this cyberattack, although it did not specify which part of the Russian government was involved.

Hackers are reportedly looking for "middle-level criminal cases in the New York City region and several other jurisdictions, with several cases involving people under the Russian and Eastern European surnames," the article said.

Last week, Politico reported that hackers had broken into the federal court's electronic case filing system, which has the potential to access the identity of classified informants that are kept secret and unknown to the public. This could endanger the informant because of the risk of retaliation from criminals they help to arrest authorities.

Politico also mentioned that the stolen data may include sealed criminal court documents, detention warrants, and other documents that have not been published or may even never go into public documents.

The US Court Administration Office, the agency overseeing the US federal court system, confirmed a cyberattack in a statement on August 7.

The New York Times also cited a memo sent to officials of the Department of Justice, clerk, and chief judge by court system managers. The memo states that "perpetrators of persistent and sophisticated cyber threats have recently endangered the sealed footage." The email confirmed that "this remains an URGENT ISSUE that requires immediate action."

This may not be the first time Russia has targeted a US federal court system. In 2020, Russia's long-running cyberattack targeted SolarWinds software, which is used by major technology companies and government agencies.

The attack took advantage of a software update that had been manipulated to provide Russian government hackers with backdoor access to the SolarWinds customer network.

The broad attack affected several US government departments, including PACER, which allowed the theft of court documents to be sealed.

In a statement on August 7, the US Court stated that it was "increasing system security and blocking future attacks, and prioritizing cooperation with courts to reduce the impact on litigants."