Published: November 21, 2025
Our new bulletin Cyber Threat Watch has been created to help small businesses stay up to date on the latest threats, news, and events affecting their business. The content has been curated to make cybersecurity easy and accessible for both technical and nontechnical readers.
Featured Cyber Incident — U.S. Federal Court System Breach
In mid-2025, a major cyberattack struck the U.S. federal court system, compromising the digital platforms used to manage and store legal filings. The Administrative Office of the U.S. Courts confirmed the breach in August and described it as sophisticated and persistent. While the exact date has not been disclosed, investigators and media reports linked the incident to foreign state-sponsored hackers who exploited long-standing weaknesses in outdated software.
The affected systems—the Case Management/Electronic Case Files (CM/ECF) system and its public portal Public Access to Court Electronic Records (PACER)—are vital tools for handling both public and confidential case information across the country. This incident exposed how aging technology and uneven cybersecurity left critical systems vulnerable.
What Happened
This cyberattack compromised the court system’s national electronic filing and records network, allowing unauthorized access to sealed case files and internal administrative data. Portions of the system’s source code were also exposed. Some reports suggested that sensitive information, including witness details and confidential case materials, may have been viewed or copied.
The breach caused temporary shutdowns of electronic filing for confidential cases and forced multiple courts to revert to paper-based processes for sealed cases. These disruptions delayed proceedings and highlighted the risks of overreliance on outdated digital systems without effective backup or recovery procedures.
How It Happened
The intrusion exploited long-standing weaknesses in the court’s electronic filing infrastructure. Developed in the 1990s and expanded over time, the system became fragmented as each court maintained its own servers and settings. This led to uneven patching, outdated software, and inconsistent security controls across hundreds of networks.
A 2021 review by the Administrative Office of the U.S. Courts had already warned that this decentralization created instability and serious cybersecurity risks. Many courts delayed upgrades or lacked proper monitoring, allowing attackers to exploit unpatched vulnerabilities, weak passwords, and incomplete encryption to move undetected through connected systems.
What Your Business Can Learn From This Incident
This breach highlights issues that also threaten small businesses: aging software, weak authentication, and poor data protection. Here are practical, low-cost steps to reduce risk.
- Replace Outdated Software: Schedule a yearly review of your computers and software applications. Replace programs that no longer receive updates or support. Inexpensive tools like Patch My PC and Ninite Pro can help identify and update outdated software.
- Use Multi-Factor Authentication (MFA): Turn on MFA for email, cloud accounting, and file storage systems. Authenticator apps like Google Authenticator and Microsoft Authenticator are available at no cost; enable MFA in each account's security settings.
- Enable Security Alerts: Activate login and file change alerts on all online accounts. Review them regularly, not just when something looks suspicious.
- Know and Protect Your Data: Keep a short list of where important business data lives—laptops, mobile devices, cloud accounts, or portable drives. Encrypt sensitive files and restrict access to only those who truly need it.
- Keep Reliable Backups: Use an automatic cloud backup tool or an external drive that runs on a set schedule. Store one copy offline in a separate location so ransomware cannot encrypt it.
- Plan Simple Alternatives: Print essential contacts and procedures. Keep a spare laptop or tablet ready with basic tools so business operations can still continue if your main system is down.
Conclusion
The breach of the U.S. federal court system showed how years of outdated technology and decentralized oversight disrupted essential services, and small businesses can face the same risks. By staying current with software, using MFA, monitoring activity, encrypting data, and maintaining tested backups, organizations can strengthen resilience and protect client trust even during a cyber incident.
The NCSS encourages businesses to adopt comprehensive security practices and stay informed about evolving threats. We recommend you consider becoming an NCSS member to access a wide range of our services. For more information, visit our Small Business page.
About the NCSS
The National Cybersecurity Society (NCSS) is committed to improving the online safety and security of the small business community through education, awareness, and advocacy. As a 501(c)(3) organization, the NCSS uses funds from charitable donations and grants to develop educational materials, webinars, weekly cyber tips, videos, and how-to guides. The organization’s goal is to enable and empower small and medium businesses to obtain cybersecurity services, assist them in understanding their cyber risk, and advise on the type of protection needed. We want to continue to grow our community and encourage you to tell other small businesses we are here to help.
The NCSS is committed to respecting the use of images in our communication efforts. Accordingly, unless otherwise specifically noted, the graphics in our bulletin are sourced under license from Adobe Stock. The header and footer images were designed and purchased through a contract with Eyedea Advertising & Design Studio.