After some investigations, Justice Department says the email accounts were compromised between May 7 to Dec. 27, 2020. This was around the same time as the Solar Winds hack.
The Russians in carrying out the SolarWinds hacking campaign also exploited for themselves weaknesses in Microsoft software to access the email accounts of prominent federal prosecutors’ offices last year, the Justice Department posited.
Around the country, at least 27 U.S. attorney’s offices had at least one employee email hacked. Eighty percent of accounts used by employees in the four U.S. attorney offices in New York were breached. New York prosecutors are the largest source of financial crime cases.
“The Department is responding to this incident as if the Advanced Persistent Threat (APT) group responsible for the SolarWinds breach had access to all email communications and attachments found within the compromised O365 accounts,” it said.
Three months ago, the Biden administration imposed sanctions on Moscow over the SolarWinds hack and alleged interference in the 2020 U.S. presidential election. The Russian Federation has denied this allegation of wrongdoing.
The full list of hacked offices include:
- Western District of Washington;
- District of Columbia;
- Central District of California;
- Northern District of Georgia;
- Middle District of Florida;
- Southern District of Florida;
- District of Maryland;
- District of New Jersey;
- Eastern District of New York;
- Southern District of New York;
- District of Kansas;
- Northern District of New York;
- Eastern District of North Carolina;
- District of Montana;
- Eastern District of Pennsylvania;
- Middle District of Pennsylvania;
- Northern District of Florida;
- Western District of Pennsylvania;
- Northern District of Texas;
- Southern District of Texas;
- District of Nevada;
- Western District of Texas;
- District of Vermont;
- Western District of New York;
- Western District of Virginia;
- Eastern District of Virginia; and
- Northern District of California.