SolarWinds hackers gained access to thousands of DOJ email accounts

News
By published

Fortunately, no classified information was accessed

Zero-day attack
(Image credit: Shutterstock.com)

As the fallout from the recent SolarWinds hack continues, it has now been confirmed that thousands of email accounts at the US Department of Justice (DOJ) have been compromised. The incident is another concerning example of a US Government agency being targeted as a result of the attack.

“After learning of the malicious activity, the [Office of the Chief Information Officer] eliminated the identified method by which the actor was accessing the O365 email environment,” a Department of Justice statement read. “At this point, the number of potentially accessed O365 mailboxes appears limited to around 3% and we have no indication that any classified systems were impacted.”

Given that the DOJ employs more than 115,000 people, 3% equates to just under 3,500 email accounts. It is not clear whether the compromised mailboxes belonged to specific individuals at the DOJ or if the attackers took a more scattergun approach.

Government failings

Last month, reports began emerging of a huge supply chain malware attack on software manufacturer SolarWinds. Around 18,000 customers were using the vulnerable version of the company’s Orion platform at the time of the attack, with private companies and government agencies affected.

In the days and weeks that have followed the initial discovery of the malware, further evidence has come to light on the sheer scale and sophistication of the attack. The hack, which investigators believe was primarily an intelligence gathering operation, has been attributed to the Russian state.

The admission by the DOJ that thousands of its mailboxes have been impacted is another blow for the US federal government. Previous reports revealed that both the US Energy Department and the National Nuclear Security Administration had also been affected.

Via BleepingComputer

Barclay Ballard
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in Security
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
More about security
Sam Altman and OpenAI

OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.

Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
Toni Collette in Hereditary

Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
See more latest
Most Popular
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
HP ZBook Ultra G1a
HP's ridiculously fast Ryzen AI Max+ Pro 395 laptop with 128GB RAM goes on sale everywhere in the US, but it won't be cheap
A mobile phone showing the Signal logo in front of a screen showing the app
Signalgate explained: what is Signal, and how secure is the messaging app?
Asus Ascent GX10 Rear
Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools