July 31 (UPI) -- The hackers behind last year's SolarWinds cyberattack breached emails in dozens of U.S. attorneys' offices, the U.S. Department of Justice announced.
The cyberattack breached "one or more employees'" Microsoft email accounts in 27 offices across 15 states and the District of Columbia, according to an update on the case released Friday. Hackers had access to the breached accounts from approximately May 7 to Dec. 27.
Attorneys in all four districts of New York were hardest hit, with hackers gaining access to at least 80% of those employees' accounts, the federal agency said.
The update follows a Jan. 6 statement the Justice Department issued which acknowledged the global SolarWinds incident breached the department's Microsoft emails, which "constitutes a major incident under the Federal Information Security Modernization Act."
- Amazon, Delta, British Airways, UPS among sites affected by major web outage
- State Dept. sending 2nd-highest ranking official to China for 'candid' talks
- Senate to investigate links between cryptocurrencies, cybercrime
- Justice Department indicts 4 as White House blames China for cyberattacks
- Russian defense ministry website shut down by foreign hackers
The Justice Department became aware of the breach on Dec. 24, which involved Russian hackers, according to federal authorities, exploiting SolarWinds software to compromise up to 18,000 of its customers' accounts.
The cyberattack also affected multiple federal agencies and Fortune 500 companies.
After becoming aware of the breach, the Office of the Chief Information Officer eliminated the method of access. At that point, 3% of email accounts were impacted, and there was no indication classified systems were impacted.
President Joe Biden's administration formally named the Russian Foreign Intelligence Service as the perpetrator of the SolarWinds cyberattack in April, and issued sanctions against Russia for the hack and for meddling in the 2020 election.
On Wednesday, Biden signed a memo to increase national defenses against cyberattacks, citing separate recent ransomware attack on Colonial Pipeline that led to gas shortages in May and cyberattack on JBS Foods in the United States.