More details on the fallout from last month’s SolarWinds hack continue to come out. On Wednesday, the US Department of Justice announced it was also a victim of the attack, which US intelligence agencies said earlier in the week was “likely” carried out by Russian state-sponsored hackers. According to the DOJ, approximately three percent of its Office 365 email accounts were accessed. That may not seem like that like a significant number, but the agency is categorizing the breach as a “major incident” all the same.
The DOJ learned of the hack on its email accounts on December 24th, at which point it closed the vulnerability. It said it doesn’t have any evidence that suggests the hackers accessed any classified information.
The SolarWinds hack originated at some point in March when hackers managed to breach the company’s Orion network monitoring software. US intelligence officials estimate that approximately 18,000 public and private sector organizations were affected as part of the incident. Some of the more notable names include the US Nuclear Security Administration and Microsoft.