Hackers behind the SolarWinds cyberattack gained access to employee email accounts in 27 U.S. Attorneys’ offices, the Justice Department said Friday.
The attack compromised Microsoft 365 accounts of at least 80% of the department’s employees working in offices located in the Eastern, Northern, Southern and Western Districts of New York. Also affected to a lesser degree were employees in U.S. Attorneys’ offices in 14 other states, including California, Florida, Maryland, Texas and Virginia, as well as the District of Columbia.
In its response to the attack, the Justice Department is assuming that the hackers would have been able to access to all sent, received and stored emails and attachments from early May to late December 2020 held in the compromised accounts. The U.S. Attorneys’ Executive Office has notified and provided guidance to employees whose accounts were breached.null
Russian state-sponsored hackers are suspected of being behind the alteration of software belonging to Texas-based SolarWinds Corp., which was disclosed in December 2020. In April, the Biden administration formally accused the Russian Foreign Intelligence Service of perpetrating the attack.
The hackers used the SolarWinds breach and other methods to infiltrate at least nine agencies of the U.S. federal government and about 100 companies. On Jan. 6, the Justice Department announced that it was among the government agencies affected by the SolarWinds cyberattack. Its announcement Friday gave more detail on the extent of the attack.