Massive PACER Court Records Hack Exposes Sealed Cases, Informants and National Security Secrets
In early August 2025, the digital backbone of the U.S. federal court system suffered one of its most serious breaches in history. Hackers infiltrated the Case Management/Electronic Case Files (CM/ECF) system and PACER (Public Access to Court Electronic Records)-platforms used by judges, attorneys, journalists, and the public to access and file court documents.
The intrusion, first reported by Politico, was discovered around July 4 and quickly triggered alarms within the judiciary. Early findings suggested that the hackers had accessed a trove of sealed documents, arrest warrants, confidential investigative materials, and even the identities of protected informants.
How the Breach Was Detected
According to Politico, suspicious network activity was first identified by IT staff at the Administrative Office of the U.S. Courts, pointing to unauthorized access deep within CM/ECF’s architecture. While PACER provides public access to case files, CM/ECF contains far more sensitive, non-public records-making its compromise a national security concern.
Within days, the Department of Justice and multiple federal districts were pulled into an emergency response effort, with some courts imposing temporary filing restrictions and enhanced identity verification measures.
Scope and Severity
Officials told Reuters that at least a dozen federal district courts may have been affected, though the true number could be higher.
The compromised data isn’t limited to filings the public might normally view on PACER. Sealed indictments, search warrants, grand jury materials, and attorney-client privileged filings were all potentially exposed-raising the risk of witness intimidation, obstruction of justice, and compromised investigations if the data is weaponized by organized crime or hostile foreign actors.
Who’s Behind It?
No group has publicly claimed responsibility, but intelligence assessments point to nation-state-linked hackers. Investigators have not ruled out possible cartel involvement, given the value sealed case information might hold for drug trafficking organizations. This mirrors tactics used elsewhere, where criminal networks have hacked law enforcement or court systems to identify informants.
Cybersecurity experts told Wired the operation bore the hallmarks of a persistent, multi-vector campaign requiring advanced resources-well beyond the scope of amateur cybercriminals.
A Legacy Problem
The breach also highlights a long-standing vulnerability: the court system’s reliance on outdated, patchwork technology. Both CM/ECF and PACER were built decades ago and have been incrementally patched rather than fully rebuilt. Judges and reform advocates have warned for years that these platforms are ill-equipped to withstand modern cyberattacks. The ITPro report described the incident as part of a series of “escalated cyber attacks” targeting the judiciary and exposing highly sensitive materials, underscoring the need for modernization. Advocacy group Fix The Court called the hack “terrible but not surprising” and urged Congress to pass the Open Courts Act to replace outdated systems and improve security.
Official and Legislative Response
The Administrative Office of the U.S. Courts has said it is working closely with the Cybersecurity and Infrastructure Security Agency (CISA), the DOJ, and the Department of Homeland Security to contain the breach and harden defenses. Measures include limiting remote access, mandating multi-factor authentication, and tightening system-to-system data transfers.
House Judiciary Committee Ranking Member Jamie Raskin (D-Md.) said the most recent hack of the federal court filing system ‘underscores the urgent need for Congress to fund the judiciary at its requested levels so they can modernize their infrastructure and protect the integrity of our legal system.’ He added, ‘Judges and other experts have long warned Congress that the federal judiciary's outdated electronic systems are vulnerable to exactly this kind of breach. We can't allow sensitive information to remain exposed to such serious and entirely preventable threats.’"
Public Reaction
Outside Washington, the breach sparked outrage among legal professionals, journalists, and open-government advocates who rely on PACER daily. On X (formerly Twitter), investigative reporter Jason Paladino vented:
PACER and CM/ECF hacked! Maybe if they spent our PACER fees on cybersecurity instead of remodeling judges chambers… https://t.co/Gtq5rilu8j
— Jason Paladino (@jason_paladino) August 7, 2025
The comment struck a nerve with many who argue that the fees collected for PACER access-meant to support system maintenance-have too often been diverted to unrelated expenses.
The Risks Ahead
If the stolen data is sold on the dark web or shared with criminal organizations, the fallout could be severe:
- Witness and Informant Exposure - Identities could be used for retaliation or coercion.
- Compromised Investigations - Leaked warrants or sealed filings could tip off suspects.
- National Security Threats - Foreign intelligence agencies could exploit the information for espionage or leverage.
Some courts have already begun reviewing sensitive cases to determine whether witnesses or cooperating defendants need additional protection.
Why This Breach Stands Out
While the U.S. government has suffered high-profile hacks before-such as the SolarWinds supply-chain attack in 2020 or the Office of Personnel Management breach in 2015-this one strikes at the operational core of the justice system. It’s not just personal data at stake but the integrity of criminal prosecutions, national security cases, and public trust in the judiciary’s ability to protect its own records.
As Politico noted, the incident poses a fundamental challenge: how to keep court proceedings transparent while safeguarding information that, in the wrong hands, could endanger lives and compromise the rule of law.
Conclusion
The August 2025 PACER and CM/ECF hack is a warning shot. Reporting from Politico, Reuters, Wired, and ITPro paints a clear picture: without urgent, well-funded modernization, the judiciary’s most sensitive systems will remain exposed to the next attack-and the one after that.
