
Russia’s Digital Raid on U.S. Courts Exposes a Gaping Hole in the West’s Defences

It is the sort of breach that would be the stuff of spy thrillers if the stakes were not so high. U.S. investigators now believe that Russia — or a proxy acting on its behalf — has been at least partly responsible for a years-long infiltration of the computer system used to manage federal court documents.

The target was not routine paperwork but sealed filings: highly sensitive legal records containing details of sources, informants, and individuals charged with national security crimes.

The scale of the compromise is sobering. Court administrators have acknowledged that “persistent and sophisticated” actors accessed these records, prompting an urgent internal warning to remove the most sensitive documents from the network entirely. The breach spans at least eight district courts, from New York to the Midwest, and includes criminal cases with a notable cluster of Russian and Eastern European names.

It is not clear whether the culprits were a formal arm of Russian intelligence or an allied group, but the suspicion is enough to have rattled Washington’s legal establishment. The timing could not be more politically charged: President Trump is due to meet Vladimir Putin in Alaska this Friday, intending to discuss his ambitious plan to end the war in Ukraine. That the Kremlin’s digital fingerprints should be found on America’s judicial files in the same week is a reminder of just how deeply entwined cyber operations have become with geopolitics.

The U.S. court system is a sprawling behemoth, relying heavily on its Case Management/Electronic Case Files system and the public PACER database. These tools, meant to bring efficiency and transparency, have long been known to harbour vulnerabilities. This latest breach underscores a bitter truth: for all the talk of hardened networks and cyber resilience, America’s most sensitive institutions remain alarmingly exposed.

The immediate response has been drastic. In New York’s Eastern District, Chief Judge Margo K. Brodie has prohibited the uploading of sealed documents to PACER altogether. Sensitive files are now stored on entirely separate drives, isolated from the internet-facing system. Other districts have adopted similar measures, in some cases reverting to the low-tech methods of the pre-digital age: filing complaints and indictments by hand, hand-delivering search warrants, and even issuing burner phones to judges travelling overseas.

This is not, however, the first time the alarm has been raised. In January 2021, the courts admitted to a previous cyberattack — one that former law enforcement officials have since attributed to Russia. That breach, too, was described as “extremely serious,” and led to temporary procedural changes. But the nature of large bureaucratic systems is that security discipline fades over time, vulnerabilities re-emerge, and adversaries wait patiently for their next opportunity.

What is particularly disturbing in this case is the breadth of the potential damage. Sealed court filings often contain names of cooperating witnesses, details of undercover operations, and intelligence gathered from foreign sources. If such information has indeed been exfiltrated, the consequences could be lethal for individuals and catastrophic for ongoing investigations. Moscow has a long history of using such material for intimidation, blackmail, and disinformation.

The breach also raises awkward questions about judicial transparency versus operational secrecy. Public access to court records is a cornerstone of the American legal tradition, but the digital architecture that enables it has become a glaring weak point. The PACER system, designed in a more innocent internet age, is ill-equipped for the kind of targeted, nation-state level attacks now routine in global espionage.

Beyond the immediate security implications, the affair illustrates a strategic point that applies well beyond the United States. Western democracies have spent years preparing their militaries, energy grids, and financial systems for hybrid warfare. Yet institutions such as courts — repositories of state secrets and intelligence-linked evidence — are often overlooked in resilience planning. A court’s cyber defences may not have the glamour of missile systems or the urgency of power-grid security, but they are a vital flank in the broader conflict of the 21st century.

It is telling that some of the measures now being implemented are not high-tech fixes but procedural reversions: physical isolation of sensitive files, paper-based submissions, and restricted overseas access. This may seem archaic, but in the asymmetric contest between state hackers and defensive systems, low-tech often means low-risk.

The fact that federal judges were instructed not to discuss the breach even with colleagues underlines the nervousness at the top. This is as much about public confidence in the judicial system as it is about operational security. If Americans begin to suspect that the courts cannot safeguard sensitive material, trust in the system could erode — a win for any foreign adversary intent on undermining U.S. institutions from within.

For now, the Administrative Office of the U.S. Courts and the Justice Department remain tight-lipped, declining to answer questions on the record. That may be prudent while the investigation continues, but it will inevitably fuel speculation about the scale of the compromise. In the meantime, court officials have pledged to roll out stronger authentication measures, tighter access controls, and greater monitoring of digital traffic.

Even so, the larger problem remains: cyber intrusions by state actors are not occasional incidents but constant background noise. The Kremlin’s cyber units, like those of China and Iran, operate with the patience of experienced hunters. They will exploit every software update, every procedural lapse, every moment when vigilance drops.

The lesson here is uncomfortable but unavoidable. Courts, like every other arm of government, must be treated as potential battlegrounds in the digital age. That means sustained investment in security, a willingness to adopt unglamorous protective measures, and — crucially — the humility to accept that convenience and openness sometimes have to yield to safety.

Russia may not have the military reach to challenge the United States directly, but as this breach shows, it can still reach deep into the American state’s vital organs. The only real question is whether this latest incursion will finally spur the sustained defensive reforms that should have followed the 2021 breach — or whether, in a few years’ time, we will be reading about the next one.

Gary Cartwright