The US Justice Department has confirmed that it was among the organizations affected by the Solorigate incident. BleepingComputer tallies the number of compromised DoJ email accounts and comes up with about 3400 mailboxes, roughly 3% of all the mailboxes in the Department’s networks.
KrebsOnSecurity says that the Administrative Office of the US Courts Case Management/Electronic Case Files system appears to have been “hit hard” by the cyberespionage campaign. Bloomberg Law points out that much of that sensitive information involves corporate data.
The rioting on Capitol Hill has left a cybersecurity mess in its wake. TechCrunch, observing that classified material handled by Congress ought to be and probably is maintained on a separate secure network, says the rioters' physical access to ordinary IT systems was extensive. Forbes quotes experts to the effect that Congress should consider its systems compromised and rebuild them accordingly.
What recovery will entail is suggested by guidance from the Chief Administrative Officer of the US House of Representatives (tweeted by Politico reporter Eric Geller), who yesterday discussed remediation of damage from Wednesday’s riot. She said that while there was no evidence that House networks had been compromised, all offices should account for IT equipment (including desktops, laptops, tablets, phones, and removable media) and seek assistance if they find any missing. They should regard any device that may have been accessed during the riots as potentially compromised, and, of course, they should change passwords on next login for any systems that may have been exposed to unauthorized access.