Our award-winning reporting has moved

Context provides news and analysis on three of the world’s most critical issues:

climate change, the impact of technology on society, and inclusive economies.

U.S. Justice Department says its emails were breached by SolarWinds hackers

by Reuters
Wednesday, 6 January 2021 23:10 GMT

(Adds comment)

By Raphael Satter

WASHINGTON, Jan 6 (Reuters) - The U.S. Department of Justice said on Wednesday its email systems were accessed by the hackers who broke into software company SolarWinds, another indication of the gravity of the breach that has shaken Washington.

The scale of the hack at the Department of Justice was not immediately clear but it could be significant. The department, which has more than 100,000 employees across a series of law enforcement agencies, including the FBI, the Drug Enforcement Administration, and the U.S. Marshals Service, said in a statement that 3% of its Office 365 mailboxes were potentially accessed.

The statement went on to say that the Justice Department had no indication any classified systems were impacted but Leo Taddeo, who formerly led the cyber division of the FBI's New York office, said the haul could still yield an intelligence bonanza.

"It's still very bad if they got the contents of 3,000 accounts," said Taddeo, who now works as the chief information security officer for data center firm Cyxtera Technologies.

He said unclassified emails still carried a wealth of information about incoming tips, pending indictments and international anti-corruption operations, among other things.

"They don't need to have our classified secrets in order to do great damage," he said.

Justice spokesman Marc Raimondi declined to say how many mailboxes were breached.

The statement said the Justice Department's Office of the Chief Information Officer discovered the breach on the day before Christmas - nearly two weeks after Reuters first reported that hackers suspected of acting on Russia's behalf had broken into U.S. government networks.

Russia has denied responsibility for the hacking campaign, which has been described as one of the most sophisticated operations uncovered in years. Cybersecurity experts have said a full recovery from the breaches could take months - or even longer.

(Reporting by Raphael Satter with additional reporting by David Shepardson Editing by Chris Reese, Mark Heinrich and Lisa Shumaker)

Our Standards: The Thomson Reuters Trust Principles.