from the power-user-mode-engaged dept
The US Court system’s electronic filing front-end has always been a mess. Not only is it prohibitively expensive for most casual users, it’s prohibitively dysfunctional even for power users. Whoever isn’t discouraged by the outdated front end will be just as unimpressed by its back end. PACER charges per page like it’s a librarian running paper copies on a mimeograph. It also charges per page of search results, even if the inadequate search system fails to turn up anything more than the notification that this failure has added another $0.10 to your PACER tab.
Perhaps the only way to make PACER useful is to bypass the front end and root around in the digital back room. That’s what appears to have happened here, as first reported by Politico:
The electronic case filing system used by the federal judiciary has been breached in a sweeping cyber intrusion that is believed to have exposed sensitive court data across multiple U.S. states, according to two people with knowledge of the incident.
The hack, which has not been previously reported, is feared to have compromised the identities of confidential informants involved in criminal cases at multiple federal district courts, said the two people, both of whom were granted anonymity because they were not authorized to speak publicly about the hack.
First, let’s discuss the “sensitive court data.” PACER records are de facto public documents. But not everything contained in the US Courts system is actually public or even meant to be public. In addition to the things Americans are still expected to pay $0.10/page to access, there’s plenty of stuff filed under seal or otherwise prevented from reaching publicly-accessible dockets. And those documents might include things the government would definitely prefer no Americans have access to, much less the presumably foreign hackers who managed to breach the system.
But Politico isn’t exactly correct that this hack “has not previously been reported.” The breach was apparently discovered by the government on July 4 (hmmm), but the attacks and the attack surface had previously been highlighted by the federal judge overseeing PACER modernization efforts. Two weeks before this hack was discovered, the judge had told Congress PACER was under constant attack by malicious hackers.
Michael Scudder, who chairs the Committee on Information Technology for the federal courts’ national policymaking body, told members of the House Judiciary Committee that about 200 million harmful cyber “events” were prevented from penetrating court local area networks in fiscal 2024.
“The Judiciary has had to respond to waves of highly sophisticated and persistent cyber threats,” Scudder said in written testimony. “Given the information in the Judiciary’s control, we continue to face unrelenting security threats of extraordinary gravity.”
This was apparently shrugged off as something a DOGE-subservient federal government wouldn’t be spending any money on. After all, very few people in power actually seem to care whether or not there’s easy and equitable access to court records citizens have a First Amendment right to access. And the US Court system itself is more concerned it won’t be able to buy new flatscreen TVs and office chairs if anyone allows everyone but (mainly corporate) power users to access documents for free.
And while this wasn’t confirmation of this particular hack, the government had been warned hackers were incessantly attacking PACER in hopes of accessing whatever wasn’t accessible via its counter-intuitive front end.
The modernization of PACER is relegated to the back burner in perpetuity, it seems, even though spending money to update the system might have made it a bit more resilient to persistent attacks. But the federal government rarely feels compelled to throw money at things that might make things better for the hundreds of millions of peons who have somehow failed to secure a seat in Congress.
Under Trump and DOGE, this breach may result in some hand-wringing about the potential exposure of confidential sources (or buried evidence of police misconduct) but it’s unlikely to result in funding for additional security efforts, much less any movement forward on the free access front.
I can only hope the hackers decide to dump these documents somewhere publicly-accessible, which will save citizens millions in PACER fees while also exposing the amount of banality of the government out of the public eye by pretending literally any fact about any well-known surveillance tech or commonly-used law enforcement tactics will somehow create nationwide criminal chaos if the general public finds out things it most likely already knows.
But more importantly, this shows how little the government cares about one of its offerings that mainly benefits people who aren’t government employees. While the government has no problem spending money to make sure its own are taken care of, the people paying the tab are seldom considered worthy of government investment. And I can pretty much guarantee the reaction to this hack will be even less access to presumptively public records, rather than the implementation of a robust system that repels hackers and provides better, cheaper access to records the public has already paid for once.
Filed Under: data breach, federal courts, hacking, pacer, public records, us court system
