Recent cyberattacks targeting the electronic case management systems of U.S. federal and state courts have raised significant concerns about the security of sensitive court filings. These breaches have exposed vulnerabilities in the judiciary’s digital infrastructure, potentially compromising confidential information and prompting a reevaluation of current cybersecurity measures.
In August 2025, the Administrative Office of the U.S. Courts confirmed that the federal judiciary’s information technology systems had been subjected to “escalated cyberattacks of a sophisticated and persistent nature.” The affected systems included the Case Management/Electronic Case Files (CM/ECF) and the Public Access to Court Electronic Records (PACER), both integral to the management and public accessibility of court documents. The judiciary has since been working to enhance system security and mitigate the impact on litigants.
Reports suggest that Russian government hackers may be at least partially responsible for the breach. According to sources, the attackers searched for midlevel criminal cases in various jurisdictions, focusing on individuals with Russian and Eastern European surnames. This targeted approach indicates a strategic intent to access specific non-public case files.
The implications of such breaches are profound. Unauthorized access to sealed documents could expose the identities of confidential informants, details of ongoing investigations, and sensitive personal information. This not only jeopardizes individual safety but also undermines the integrity of the judicial process.
In response to these incidents, the judiciary has implemented stricter access controls for sealed filings and is collaborating with federal agencies to bolster cybersecurity defenses. However, these measures may not be sufficient. U.S. Senator Ron Wyden has called for an independent review of the federal judiciary’s cybersecurity practices, highlighting the need for a comprehensive assessment and overhaul of existing protocols.
Legal professionals and court administrators must remain vigilant. It is imperative to adopt robust cybersecurity frameworks, conduct regular system audits, and provide ongoing training to staff. Protecting sensitive court filings is not only a matter of national security but also essential to maintaining public trust in the judicial system.