PACER electronic filing system under attack by hackers, federal judge warns lawmakers

The federal judge overseeing efforts to modernize electronic case filing technology for U.S. courts told a congressional committee this week that the nation’s court system is under constant attack by increasingly sophisticated hackers.

Michael Scudder, who chairs the Committee on Information Technology for the federal courts’ national policymaking body, told members of the House Judiciary Committee that about 200 million harmful cyber “events” were prevented from penetrating court local area networks in fiscal 2024.

“The Judiciary has had to respond to waves of highly sophisticated and persistent cyber threats,” Scudder said in written testimony. “Given the information in the Judiciary’s control, we continue to face unrelenting security threats of extraordinary gravity.”

Scudder said he believes cyberattacks will become more damaging in the future and indicated that there have already been cybersecurity incidents that he can’t disclose publicly due to their sensitivity.

The court system allows judges and lawyers to file all court documents electronically through its Public Access to Court Electronic Records (PACER) platform. 

Many of those documents are sealed, including indictments, names of cooperating witnesses and arrest and search warrants. Sealed documents also include national security information and evidence with “proprietary economic value,” Scudder wrote.

Scudder testified that external experts and members of his committee have concluded that PACER is “unsustainable due to cyber risks” and must be replaced with a more modern system in the coming years due to its increasing vulnerability to hacks. 

The committee is overseeing the development and launch of an overhauled system which will be created through “agile” software development and piloted in courts across the country as it is built, he testified.

The problem is not new.

In July 2022, a top Justice Department official told the House Judiciary Committee the agency was investigating a significant hack. During the hearing, Jerry Nadler (D-NY), then the committee chair, revealed that three “hostile foreign actors” attacked PACER during a 2020 data breach which he called “startling in breadth and scope.”

Scudder focused on continuing cyber threats plaguing PACER, testifying at a moment when the Justice Department is requesting an allocation of $74 million in the fiscal year 2026 budget, in part so that the federal judiciary can overhaul the electronic case filing system.

Congress has already provided some funding to bolster the court system’s overall cybersecurity, which Scudder said has enabled “substantial progress,” including through the implementation of multifactor authentication and the completion of the first of four phases of a new identity credentials program designed to reduce reliance on “outdated password-oriented paradigms.”

The courts have also used already allocated funds to strengthen network monitoring and activity logging tools and to invest in better firewalls and endpoint protection tools, Scudder testified. 

“Experience has shown that the Judiciary is a high-value target for malicious actors and cyber criminals seeking to misappropriate confidential information and disrupt the judicial process in the United States,” Scudder testified. 

“These attacks pose risks to our entire justice system.”

Scudder said his committee is working closely with the DOJ’s National Security Division, FBI cyber experts, the Cybersecurity and Infrastructure Security Agency and the Office of the National Cyber Director to strengthen cyber defenses and probe cyber attacks.