SolarWinds Hackers accessed Office 365 mailboxes of the U.S. Justice Department’s.
Over 100 to 280 organizations installed a trojanized version of the SolarWinds Orion platform that infects internal systems with the Sunburst malware.
Moreover, between March and June 2020, this malware was injected inside updates for the SolarWinds Orion app released, according to the report.
The US Department of Justice(DOJ) confirmed its internal network was compromised as part of the SolarWinds supply chain attack.
“On December 24, 2020, the Department of Justice’s Office of the Chief Information Officer (OCIO) learned of previously unknown malicious activity linked to the global SolarWinds incident that has affected multiple federal agencies and technology contractors, among others,” DoJ spokesperson Marc Raimondi said in a short statement.
“This activity involved access to the Department’s Microsoft Office 365 email environment.”
At this point, the number of potentially accessed O365 mailboxes appears limited to around 3-percent, in their report.
Where, overall DOJ employees are estimated at around 100,000 to 115,000 but 3,000 to 3,450 are impacted.
On the other hand, A long list of companies and government agencies impacted in the SolarWinds hack:
- The US Treasury Department
- The US Department of Commerce’s National Telecommunications and Information Administration (NTIA)
- The Department of Health’s National Institutes of Health (NIH)
- The Cybersecurity and Infrastructure Agency (CISA)
- The Department of Homeland Security (DHS)
- The US Department of State
- The National Nuclear Security Administration (NNSA)
- The US Department of Energy (DOE)
- Three US state governments
- City of Austin
- also, Many hundreds more, such as Cisco, Intel, VMWare, and others.
In a press statement, And as part of the ongoing technical analysis, the Department has determined that the activity constitutes a major incident under the Federal Information Security Modernization Act, and is taking the steps consistent with that determination.
In short, The Department will continue to notify the appropriate federal agencies, Congress, and the public as warranted.”