WASHINGTON (AP) –
The Justice Department disclosed on Wednesday that it was among federal agencies hurt by a massive breach of government networks that the American authorities called Russia.
The extent of the damage was unclear. The department said 3% of its Microsoft Office 365 email accounts were potentially affected, but did not say who those accounts belonged to. There is no evidence that classified systems have been affected, the agency said.
The department said on December 24 it detected “hitherto unknown malicious activity”, linked to broader federal agency raids revealed earlier that month, according to a statement by spokesman Marc Raimondi.
The statement came a day after federal police and intelligence agencies formally implicated Russia in the invasions, which officials said were part of a suspected intelligence gathering operation. President Donald Trump had previously raised, without evidence, the idea that China could be to blame.
The hacking campaign was extraordinary in scale, with attackers chasing government agencies, defense contractors and telecommunications companies for months until the breach was discovered. Experts say it gave foreign agents enough time to collect data that could be highly detrimental to the national security of the United States, although the scope of the breaches and exactly the information requested is unknown.
An estimated 18,000 organizations were affected by malicious code that hitchhiked on popular network management software from a company in Austin, Texas, called SolarWinds. Of these clients, however, “a much smaller number has been compromised by subsequent activities in their systems,” said the statement, noting that less than 10 federal government agencies have so far been identified as belonging to this category.