Tech

DoJ says SolarWinds hackers breached its Office 365 system and read email

DoJ says SolarWinds hackers breached its Office 365 system and read email

Enlarge (credit: Gregory Varnum)

The US Justice Department has become the latest federal agency to say its network was breached in a long and wide-ranging hack campaign that’s believed to have been backed by the Russian government.

In a terse statement issued Wednesday, Justice Department spokesman Marc Raimondi said that the breach wasn’t discovered until December 24, which is nine days after the the hack campaign came to light. The hackers, Raimondi said, took control of the department’s Office 365 system and accessed email sent or received from about 3 percent of accounts. The department has more than 100,000 employees.

Investigators believe the campaign started when the hackers took control of the software distribution platform of SolarWinds, an Austin, Texas-based maker of network management software that’s used by hundreds of thousands of organizations. The attackers then pushed out a malicious update that was installed by about 18,000 of those customers. Only a fraction of the 18,000 customers received a follow-on attack that used the backdoored SolarWinds software to view, delete, or alter data stored on those networks.

Read 5 remaining paragraphs | Comments