The U.S. Justice Department released a list of 27 U.S. Attorneys' offices throughout the country that were hit in the cyberattack against SolarWinds that was revealed in December, in order "to encourage transparency and strengthen homeland resilience," according to its official statement released at the end of last week. The department did not specify when the information was discovered, but said that all those involved have been updated and that the necessary defensive measures have been taken.
The role of the 94 U.S. Attorneys' offices in the U.S. and its territories is to represent the government in district and appeals courts. In 27 of them, there was a breach of at least one Microsoft 365 account, and some of them may have sustained major damage. The most significant concern right now is regarding those in the state of New York where attackers gained access to 80% of the email accounts at each of the four U.S. Attorneys' offices.
"New York is the financial center of the world and those districts are particularly well known for investigating and prosecuting white-collar crimes and other cases, including investigating people close to the former president (Trump)," said Bruce Green, former prosecutor in the Southern District of New York, in a comment to the NPR website.
"The (advanced persistent threat group) is believed to have access to compromised accounts from approximately May 7 to December 27, 2020," the Justice Department's statement said. "The compromised data included all sent, received, and stored emails and attachments found within those accounts during that time." Among the other U.S. Attorneys' offices compromised in the attack, which is attributed to the Russian Nobelium group (which is denied by the Kremlin), were ones in Florida, California, Texas, Georgia, Washington, D.C., Nevada, Maryland, Kansas, Montana and New Jersey.