Attack claimed by pro-Ukraine hackers reportedly erases a third of Russian court case archive
A cyberattack on Russia's national case management and electronic court filing system wiped out about a third of its case archive, according to a report by the Russian Audit Chamber.
The system, known as “Pravosudiye” (meaning “justice” in Russian), was hacked last October and was down for a month, disrupting the operation of Russian court websites, communication networks, and email services.
The attack was claimed by the pro-Ukraine hacking group BO Team, which has previously collaborated with Ukrainian military intelligence in operations against Russian entities. Ukrainian authorities have not publicly confirmed any official military intelligence participation in this incident.
After the breach, the Pravosudiye system lost nearly 89 million court files stored in a “consolidated database” containing all decisions from Russian courts, the report said.
Local media reported that the missing records should still be accessible on individual district and local court websites, but compiling them into a single archive could be difficult.
The Audit Chamber's report also revealed a troubling security lapse in the Pravosudiye system: The last external security check of its websites was conducted in 2015, and the system itself has not been fully updated since its implementation. The system runs on outdated foreign software, with all data and copies stored in a single data center.
In March, Russia’s Federal Security Service (FSB) conducted raids on IT companies involved in the development of an information system for Moscow's courts, which is part of the Pravosudiye system. Local media reported that the FSB's actions were triggered by concerns about the legality of the budget funds allocated to the project. Since 2003, the Russian government has allocated 65.2 billion rubles ($810 million) to Pravosudiye.
This breach is part of a broader series of cyberattacks in the ongoing war between Russia and Ukraine. The full impact of such attacks is often hard to verify due to limited publicity from affected companies and authorities, but cases like the Pravosudiye hack reveal the potential long-term consequences.
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.