Security News > 2021 > July > DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices

The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service during the SolarWinds global hacking spree.

Even though other districts were also affected by the attacks to a lesser degree, the Russian SVR state hackers managed to breach the O365 email accounts of at least 80 percent of employees from US Attorneys' offices located in the Eastern, Northern, Southern, and Western Districts of New York.

The DOJ confirmed that the hacking group behind the SolarWinds supply-chain attack breached the Department's Microsoft O365 email environment in a statement published on January 6, 2021.

The White House named the SVR's hacking division as the group behind the cyber espionage activity exploiting the SolarWinds Orion platform, which allowed them to access the networks of multiple US federal agencies and private tech sector firms.

The attackers breached SolarWinds' internal systems and trojanized the Orion Software Platform source code and builds released between March 2020 and June 2020.

Before the attack was disclosed, SolarWinds displayed a list of 300,000 customers worldwide [1, 2] on its website: over 425 US Fortune 500 companies, all top ten US telecom companies, as well as a long list of govt agencies.

News URL

https://www.bleepingcomputer.com/news/security/doj-solarwinds-hackers-breached-emails-from-27-us-attorneys-offices/