The US Department of Justice announced late Friday that email accounts belonging to employees at federal prosecutors’ offices throughout the US were compromised between May 7 and December 27, 2020, as part of last year's SolarWinds hack. As part of that cyberattack, Russian hackers were able to exploit software used by customers of IT software provider SolarWinds.
The DOJ confirmed that one or more email accounts were compromised at 27 offices, but further highlighted that 80 percent of employee email accounts were compromised at the U.S. Attorneys’ offices located in the Eastern, Northern, Southern, and Western Districts of New York. The DOJ also acknowledged that hackers had access to all sent, received, and stored emails and attachments from the compromised accounts. The DOJ, as part of its announcement, assured that it has notified all impacted account holders and that it continues to investigate and mitigate the impact of the hack.
Nixon Peabody’s Cybersecurity and Privacy Team will continue to monitor developments and any fallout concerning this revelation.
The DOJ listed the following US Attorneys’ offices as having been hit by the email breaches:
-
Central District of California
-
Northern District of California
-
District of Columbia
-
Northern District of Florida
-
Middle District of Florida
-
Southern District of Florida
-
Northern District of Georgia
-
District of Kansas
-
District of Maryland
-
District of Montana
-
District of Nevada
-
District of New Jersey
-
Eastern District of New York
-
Northern District of New York
-
Southern District of New York
-
Western District of New York
-
Eastern District of North Carolina
-
Eastern District of Pennsylvania
-
Middle District of Pennsylvania
-
Western District of Pennsylvania
-
Northern District of Texas
-
Southern District of Texas
-
Western District of Texas
-
District of Vermont
-
Eastern District of Virginia
-
Western District of Virginia
-
Western District of Washington