Justice Department says Russians hacked federal prosecutors

Washington: The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors' offices around the country last year, the Justice Department said.

The department said 80% of Microsoft email accounts used by employees in the four US attorney offices in New York were breached. All told, the Justice Department said 27 US attorney offices had at least one employee's email account compromised during the hacking campaign.

The Justice Department said in a statement Friday that it believes the accounts were compromised from May 7 to December 27, 2020. Such a timeframe is notable because the SolarWinds campaign, which infiltrated dozens of private-sector companies and think tanks as well as at least nine US government agencies, was first discovered and publicized in mid-December.

The Biden administration in April announced sanctions, including the expulsion of Russian diplomats, in response to the SolarWinds hack and Russian interference in the 2020 US presidential election. Russia has denied wrongdoing.

Jennifer Rodgers, a lecturer at Columbia Law School, said office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants, when she was a federal prosecutor in New York.

I don't remember ever having someone bring me a document instead of emailing it to me because of security concerns, she said, noting exceptions for classified materials.

The Administrative Office of US Courts confirmed in January that it was also breached, giving the SolarWinds hackers another entry point to steal confidential information like trade secrets, espionage targets, whistleblower reports and arrest warrants. The list of affected offices include several large and high-profile ones like those in Los Angeles, Miami, Washington and the Eastern District of Virginia.