


Several years ago, then-Attorney General Merrick B. Garland invited a group of federal judges to the Justice Department’s headquarters. Once inside a secure room used for handling classified information, the judges were given a grave warning: The nationwide computer system that held court documents, including sealed records about wiretaps, cooperating witnesses and investigative targets, was vulnerable to hackers.
The judiciary should take steps to improve its cybersecurity, and it should do so immediately, the judges were told.
Mr. Garland’s warning turned out to be prescient. This summer, hackers once again penetrated the courts’ system, potentially exposing sealed filings to foreign adversaries. As with an earlier breach in 2020, former officials have told The Times, evidence points to Russia as one of the perpetrators.
The classified briefing has not been previously reported. It took place in late 2020 or early 2021, according to people with direct knowledge of the gathering. It was one of a number of attempts by Mr. Garland and others to sound an alarm after the 2020 breach. A former senior official familiar with the outreach said that Mr. Garland, who served as an appellate judge, was seeking to warn his former colleagues on the bench about the risks.
Lawmakers had made their own attempts to raise concerns about the security of the courts’ Case Management/Electronic Case Files system, known as CM/ECF. In 2020 and again in 2021, they introduced legislation that would have mandated an overhaul.
But the administrative office of the judiciary told Congress in a letter that it had “serious concerns” with the proposal, and urged against “further action on the bill until we can work together on an equitable and viable alternative.” Neither bill passed.