Add the Department of Justice to the growing list of organizations victimized by the SolarWinds hack, as the department confirmed Wednesday that it learned internal email accounts were compromised on Dec. 24.
According to a brief statement from the department, its Office of the Chief Information Officer learned on Christmas Eve of “previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others.”
Hackers were able to gain access to the department’s Microsoft Office 365 email environment. After learning of the activity, the department eliminated the method by which the hackers – believed to be Russian – accessed the accounts.
The department says it believes the number of “potentially accessed O365 mailboxes” is around 3%, and there are no indications that classified systems were impacted.
“As part of the ongoing technical analysis, the Department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination. The Department will continue to notify the appropriate federal agencies, Congress, and the public as warranted.”
Read Next: SolarWinds Hackers Viewed Microsoft Source Code; Victim List Grows to 250
According to a recent New York Times report, the number of organizations further compromised in the SolarWinds supply chain attack could be as high as 250. Cybersecurity experts have said that although some 18,000 SolarWinds customers were using the compromised version IT management platform Orion, hackers appear to only be targeting high-profile government and tech organizations.
Microsoft is among one of those victims, as the company recently disclosed that hackers were able to view its source code. Previously, the company has said that it found malicious code within the company’s networks, but didn’t believe hackers accessed anything further. The company has said there are no indications of further compromise.
So far, other disclosed victims include Cisco, Intel, VMWare, the US Treasury Department, the US Department of Commerce’s National Telecommunications and Information Administration, the Department of Health’s National Institutes of Health, the Cybersecurity and Infrastructure Agency, the Department of Homeland Security, The US Department of State, the National Nuclear Security Administration and a handful of other state and local governments.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply