U.S. Federal Courts Hacked: PACER Breach Exposes Sealed Records, Witness IDs

Hackers, potentially state-sponsored actors, breached U.S. federal courts' PACER and CM/ECF systems on August 6, 2025, exposing sensitive data such as sealed records and witness identities. This major cyberattack, which exploited outdated software, jeopardizes investigations and informant safety. Officials are investigating and upgrading systems to prevent future threats.
Written by John Smart

In a stunning blow to the U.S. judicial system’s digital infrastructure, hackers have breached the federal courts’ electronic filing and records platforms, exposing sensitive data that could jeopardize ongoing investigations and the safety of confidential informants. The intrusion, first reported on August 6, 2025, targeted the Public Access to Court Electronic Records (PACER) and the Case Management/Electronic Case Files (CM/ECF) systems, which handle millions of court documents annually across all federal districts. Officials fear that sealed records, witness identities, and case details from multiple states have been compromised, marking one of the most significant cyberattacks on American legal institutions in recent years.

The breach came to light through internal alerts within the Administrative Office of the U.S. Courts, prompting an immediate shutdown of affected systems for forensic analysis. According to sources familiar with the matter, the attack exploited vulnerabilities in outdated software components, allowing unauthorized access to databases that store everything from criminal indictments to civil litigation files. This isn’t the first time the judiciary has faced such threats; a similar incident in 2021, linked to the SolarWinds hack, raised alarms about foreign espionage, as detailed in reports from The Wall Street Journal.

The Scope of the Intrusion and Initial Responses

Investigators believe the hackers, potentially state-sponsored actors from adversaries like Russia or China, infiltrated the systems as early as mid-2024, siphoning data over months before detection. Politico, in its August 6 coverage, cited insiders who described the hack as “sweeping,” with fears that informant identities in high-profile cases—ranging from drug trafficking to national security matters—may now be in the hands of malicious entities. The Justice Department has launched a full investigation, coordinating with cybersecurity firms to assess the damage, while federal judges have been advised to review and reseal compromised documents.

Reuters echoed these concerns in an August 7 report, noting that the breach affected courts in at least a dozen states, including California, New York, and Texas. The exposure of sealed records could lead to witness tampering or retaliation, prompting urgent relocations for some individuals under protection. Cybersecurity experts point out that PACER’s paywall model, while intended to fund operations, has long masked deeper security flaws, such as insufficient encryption for sensitive uploads.

Historical Context and Systemic Vulnerabilities

This incident builds on a pattern of cyberattacks targeting U.S. government entities. A 2022 breach, investigated by the Justice Department and reported by Politico, involved a “system security failure” in the courts’ document management, leading to temporary filing halts. More recently, posts on X (formerly Twitter) from cybersecurity accounts have highlighted ongoing concerns, with users speculating on foreign involvement based on the attack’s sophistication, though no official attribution has been made public as of August 9, 2025.

Drawing from a deep dive by Wired, the hack exploited legacy code in CM/ECF, a system dating back to the 1990s, which lacks modern defenses against advanced persistent threats. Wired’s analysis reveals how attackers used phishing tactics combined with zero-day exploits to gain administrative privileges, potentially downloading terabytes of data. This vulnerability underscores a broader issue: federal IT budgets for the judiciary have lagged behind those of executive agencies, leaving critical infrastructure exposed.

Implications for Justice and National Security

The fallout extends beyond immediate data loss. Legal experts warn that exposed case files could undermine trials, with defense attorneys potentially challenging evidence integrity. In one alarming detail from Mashable’s August 7 article, hackers accessed “valuable information” including sealed indictments, raising espionage risks in sensitive international cases. The Biden administration has responded by allocating emergency funds for system upgrades, but critics argue this is reactive rather than proactive.

On X, sentiment among tech insiders reflects growing alarm, with posts emphasizing the need for blockchain-based security or AI-driven anomaly detection to prevent future breaches. WebProNews, in its August 8 coverage, described the attack as “unprecedented,” endangering lives and highlighting the perils of outdated infrastructure amid rising global cyber threats. As the investigation unfolds, federal officials are pushing for mandatory two-factor authentication and cloud migration, though implementation could take years.

Path Forward: Reforms and Challenges

Rebuilding trust in the system will require more than patches. Industry insiders, speaking anonymously, suggest integrating federal courts into the broader Cybersecurity and Infrastructure Security Agency (CISA) framework for real-time threat sharing. Boston 25 News reported on August 7 that the PACER hack disrupted filings nationwide, causing delays in court proceedings and prompting some districts to revert to paper-based systems temporarily.

Ultimately, this breach serves as a wake-up call for modernizing judicial tech. As detailed in KIRO 7 News updates, hackers targeted the heart of American justice, exposing not just data but systemic frailties. With potential links to foreign powers, as speculated in WebProNews’s foreign hacker analysis, the U.S. must accelerate reforms to safeguard the rule of law in an increasingly digital world. Ongoing probes may reveal more, but for now, the judiciary races to contain the damage while bracing for possible aftershocks.
