The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.
The judicial branch agency said it will be deploying more stringent controls for receiving and storing sensitive documents filed with the federal courts, following a discovery that its own systems were compromised as part of the SolarWinds supply chain attack. That intrusion involved malicious code being surreptitiously inserted into updates shipped by SolarWinds for some 18,000 users of its Orion network management software as far back as March 2020.
“The AO is working with the Department of Homeland Security on a security audit relating to vulnerabilities in the Judiciary’s Case Management/Electronic Case Files system (CM/ECF) that greatly risk compromising highly sensitive non-public documents stored on CM/ECF, particularly sealed filings,” the agency said in a statement published Jan. 6.
[…]
The AO’s court document system powers a publicly searchable database called PACER, and the vast majority of the files in PACER are not restricted and are available to anyone willing to pay for the records.
But experts say many other documents stored in the AO’s system are sealed — either temporarily or indefinitely by the courts or parties to a legal matter — and may contain highly sensitive information, including intellectual property and trade secrets, or even the identities of confidential informants.
[…]
The acknowledgement from the AO comes hours after the U.S. Justice Department said it also was a victim of the SolarWinds intruders, who took control over the department’s Office 365 system and accessed email sent or received from about three percent of DOJ accounts (the department has more than 100,000 employees).
The SolarWinds hack also reportedly jeopardized email systems used by top Treasury Department officials, and granted the attackers access to networks inside the Energy, Commerce and Homeland Security departments.

I’m old enough to remember that …
“By most accounts, Krebs was one of the more competent and transparent leaders in the Trump administration. But that same transparency may have cost him his job: Krebs’ agency earlier this year launched “Rumor Control,” a blog that sought to address many of the conspiracy theories the president has perpetuated in recent days”
https://krebsonsecurity.com/2020/11/trump-fires-security-chief-christopher-krebs/
Solar winds hack = deep state=O’Butthole
Obama written all over that.
Looking like his lacky Jobama will be in the WH come Jan 20, no one is safe from this monster.
The left has a huge problem with President Trump that he may accidentally let more silent weapon secrets out in the future when not so much security is guarding him and they need him silenced. Like some of his speeches before when he accidentally told the world that we were in the Middle East for the oil and not the Humanitarian Reasons the media was pushing. He had that “Deer in the Headlights” look of being threatened and retacted his speech. His last video speech on smooth transition, he has that same look and posture. There have been 2 Congressmen and 1 Senator who past away in the last 5 days along with many people who have quit in the last couple of days as well. The Democrats are well known to be professional house cleaners of people who they have a problem with. I just had that awful creeping feeling that President Trump will no longer be with us…
I would say that if anything happens to Trump there will be riots in the streets. But the Democrats have already burned the cities.
But we will know. We won’t forget. Someday we’ll have justice for the patriots the left has destroyed. In this world or the next.
As I understand it, a single company using lax – very lax – cybersecurity pushed a compromised automatic update on a bunch of agencies and companies that themselves were using lax – very lax – cybersecurity. A simple, stupid mistake – but we’re told that only a nation/state (almost certainly Russia) could possibly have the sophisticated tools and resources to pull off such an amazing feat of high-level hackery. Bull. A 14-year old hacker could have pulled this off, it wasn’t a *series* of hacks of hundreds of individual accounts, it was one single hack that allowed them access to hundreds of accounts and any senior IT manager who allows automatic updates on their systems should be shot. This was Three Stooges-level incompetence that allowed this to happen, there was nothing sophisticated about it at all. Don’t fall for the lies.
As I understand it
Therein lies the problem.
Their build server, containing the code-signing cert, was compromised. Unless SolarWinds is staffed entirely by morons[1] penetrating the build server would be extremely difficult and probably require inside assistance.
The payload in the compromised updates is extremely sophisticated and does not do what a criminal or anarchist hacker malware would do (make money, show off or crash systems). The payload and the entire supporting infrastructure was designed to gather information about the affected system and any connected systems as stealthily as possible and exfiltrate that information to a global network of receivers that were very difficult to detect. This was absolutely a state-level operation.
In short, you don’t know what you’re talking about.
[1] I’m a former customer; they’re not
So then … Donald Trump’s Russian Handlers did it? Eh?
The password on their build server was something like “SolarWinds123”. If that doesn’t count as “lax security” I don’t know what does.
What about Italygate?
Good data security is incredibly expensive, and still cheap at the price.