Federal courts to ramp up filing system security after ‘recent escalated cyberattacks’
The U.S. judiciary announced plans to increase security for sensitive information on its case management system following what it described as “recent escalated cyberattacks of a sophisticated and persistent nature.”
In a Thursday statement, the federal judiciary said it’s “taking additional steps to strengthen protections for” that information. It also said it’s “further enhancing security of the system and to block future attacks, and it is prioritizing working with courts to mitigate the impact on litigants.”
The statement from the third branch comes one day after a Politico report revealed that its case filing system had recently been breached. That report cited unnamed sources who were concerned that the identities of confidential court informants may have been compromised.
While the federal courts’ statement acknowledged a recent escalation in cyberattacks on its case management system, it didn’t confirm details of the reported breach. In response to a FedScoop request for additional information about the reported attack, a spokesman for the Administrative Office of the U.S. Courts declined to comment and pointed back to the statement.
The reported hack and statement come after a cyberbreach of the same system in 2020. In early 2021, during a hack of SolarWinds’ Orion products, the federal courts disclosed that it found “apparent compromise” of the Case Management/Electronic Case Files system (CM/ECF) and was investigating the matter.
Its statement after that breach similarly indicated that “federal courts are immediately adding new security procedures to protect highly sensitive confidential documents filed with the courts.”
Notably, more than a year after the disclosure of that hack, Rep. Jerrold Nadler, D-N.J., who was then-House Judiciary Chairman, disclosed that the committee had learned about the “startling breadth and scope” of a breach in early 2020 and indicated it was separate from the SolarWinds breach that had impacted a number of federal agencies.
In its Thursday statement, the judiciary noted that the majority of documents housed within the filing system aren’t confidential and are available to the public, but some of those documents are confidential and aren’t publicly accessible — known as being “sealed.”
“These sensitive documents can be targets of interest to a range of threat actors. To better protect them, courts have been implementing more rigorous procedures to restrict access to sensitive documents under carefully controlled and monitored circumstances,” the statement said.
That response has included implementing a zero-trust architecture, expanding multifactor authentication, and maximizing use of government-furnished equipment, per a readout from a meeting of the Judicial Conference, the judiciary’s policymaking body, in 2024. The AO also appointed a chief information officer in 2023. But even then, concern about cyberattacks remained, particularly ahead of the 2024 election.
“Now is not the time for one ounce of complacency,” U.S. Court of Appeals Judge Michael Y. Scudder said at that meeting, according to the release. “We have to keep making progress on our major projects; we have to find ways to meet our goals faster, by working within cyber-relevant timeframes, not ordinary government timelines; and we have to stay unified, with the courts and AO working together.”
GSA leader sees AI as catalyst for federal acquisition overhaul
The head of the General Services Administration’s Federal Acquisition Service (FAS) is optimistic about the Trump administration’s push to overhaul the Federal Acquisition Regulation, suggesting artificial intelligence and other agentic tools could be game changers for the effort.
Josh Gruenbaum, commissioner of the GSA’s FAS, provided an update on the agency’s so-called “Revolutionary FAR Overhaul” at the Leidos Supplier Innovation and Technology Symposium on Thursday, stating administration workers are “taking it seriously.”
The efforts follow President Donald Trump’s executive order in April, which calls for changes to the FAR and an evaluation of the agency buying processes. The FAR is the more than 2,000-page document detailing the regulations and rules for federal agency procurement.
In a fireside chat with Gruenbaum, Leidos CEO Thomas Bell noted that many administrations have attempted to fix or restructure the FAR. “We’ve heard it before” when it comes to FAR reform, Bell remarked, but “this time, it feels a little different.”
Gruenbaum echoed that outlook, pointing in part to the emerging technologies the federal government increasingly uses.
“I feel really good about it because technology is different today,” Gruenbaum said. “The agentic tools and artificial intelligence.”
The use cases for these tools, Gruenbaum said, could ease the “really tough, laborious, monotonous” human processes, while noting subject matter experts still need to be involved in the reform.
“But to be able to lower and go faster through agented tooling with the lens that this administration is encouraging, I do think this time is different and I do think it’s going really well,” he added.
Gruenbaum continued: “This initiative could not be going at the pace and success that it is without the folks over at [the Office of Budget and Management], [the Office of Federal Procurement Policy], our colleagues over at NASA” and the Department of Defense.
His comments come as GSA and other federal agencies increasingly turn to generative AI tools, including internal chatbots like GSAi, to make certain workflows more efficient.
The overhaul process, Gruenbaum said, is also being boosted by agency collaboration and the Trump administration’s “business-focused approach.”
“If we want to be great, forget just the balance sheet,” he said. “Forget the budget each year, but just thinking about our positioning as we talk about … [the AI] race, if we can’t bring in the best companies that this country has to offer, because we have so much red tape or so many obstacles for a smaller, cutting edge, smaller business to be able to come in and offer the federal government services without having to go and spending whatever amount of money … then that’s a failing effort.
“So what we’ve been endeavoring to do is to really lower that barrier. And because of the folks who are around this and the business common sense lens that we are all being encouraged — at the very top from the White House — to deploy,” he added.
The White House’s April executive order took aim at this “red tape” goal and argued the FAR has evolved “into an excessive and overcomplicated regulatory framework and resulting in an onerous bureaucracy.”
That EO calls for the removal of “undue barriers” and “unnecessary regulations” in procurement and requests the head of the OFPP, members of the Federal Acquisition Regulatory Council, and senior agency acquisition and procurement officials to coordinate on aligning the FAR with the order’s instructions within 180 days.
The GSA launched a new website in May to provide details on the progress of the FAR updates. The website will be home to the streamlined version of the FAR, buying guides, and give federal acquisition stakeholders a chance to share feedback.
House Democrats press USDA for answers on DOGE access to farmers’ data
More than a dozen House Democrats are demanding answers from the U.S. Department of Agriculture following reports that DOGE representatives accessed a sensitive agency-run database that controls government loans and payments to ranchers and farmers across the country.
In a letter led by Rep. April McClain Delaney of Maryland, the Democrats called for an investigation “into DOGE’s interference” at USDA’s Farm Service Agency, citing an NPR story from last month.
According to NPR, DOGE was granted “a highly privileged level” of access to USDA’s National Payment Service, giving those associates the ability to edit data entries, view sensitive personal information and even cancel loans.
Farmers and ranchers must provide a litany of personal information to the USDA when applying for federal loans, disaster aid or other crucial Farm Service Agency programs. The letter, which was also signed by House Agriculture Committee ranking member Angie Craig of Minnesota, noted that more than 90% of U.S. producers rely on Agriculture Department assistance.
Exposure to cybersecurity threats is also a major concern, the lawmakers argued.
“Without protection in place, we run real risks: loans could be taken in producers’ names if their data is leaked, credit scores could be impacted, and our national security could be threatened,” the letter stated. “Protecting producer lending and payment data and ensuring that it is secure is especially urgent amid increasing economic volatility and extreme weather events, which have cost the agriculture sector billions in damages annually in recent years.”
As part of its request, the lawmakers want USDA to immediately revoke DOGE access to confidential producer data and reaffirm “that only properly authorized USDA personnel are responsible for processing payments and making loan decisions.”
Relatedly, the House Democrats are urging USDA and FSA to provide information on how Trump administration policies are affecting the privacy of U.S. farmers and producers.
They’re also seeking answers to specifics on DOGE’s access to USDA systems, including what information was contained in the networks, why it was deemed necessary for these individuals to be granted such privileges, whether any DOGE representatives approved or blocked USDA payments or loans, and what, if any, data or records were altered by DOGE.
The letter asks USDA for a “thorough response” to House Democrats’ inquiry by Aug. 14.
Former USPTO IT chief Jamie Holcombe joins US AI
Jamie Holcombe is joining Maryland-based technology company US AI after wrapping up roughly six-and-a-half years as the chief information officer of the U.S. Patent and Trademark Office.
Holcombe, who served as both CIO and chief AI officer at USPTO, will be vice president of the AI firm, with a focus on scaling its technology throughout the federal government, according to a Thursday announcement from US AI shared with FedScoop.
“True innovation must serve people first — through transparency, resilience, and security,” Holcombe said in a statement included in the release. “US AI has built the kind of trusted infrastructure that makes real transformation possible. I’m honored to help scale that mission.”
Holcombe’s last day at the agency was Wednesday, according to a USPTO spokeswoman.
Deborah Stephens, deputy CIO for the agency, will serve as acting CIO.
At USPTO, Holcombe oversaw “one of the federal government’s largest IT transformations,” per the announcement. That work included leading the agency’s transition to a cloud-first environment and the launch of its AI Lab, where USPTO can test use cases.
As part of his new role, Holcombe will work to expand US AI’s Intelligent Computing Platform, which is aimed at accelerating the adoption of AI in sectors that are highly regulated, across government. He will also lead the company’s strategy to align its technology with its use in public sector and regulated areas, scaling codeless and zero-trust tools, and build on the company’s “values of clarity, security, and accessibility in AI deployment.”
“Jamie represents the values we care about: trust, transformation, and courage,” US AI CEO David Nguyen said in a statement included in the release. “His leadership will accelerate how we deploy intelligent systems at scale — without sacrificing ethics, security, or human agency.”
Prior to his role at USPTO, Holcombe worked in the private sector, including as CEO of cybersecurity startup Visium Technologies and as COO of IT solutions company TJ Westlake LLC, per his agency biography. Holcombe started his career as an officer in the U.S. Army.
Holcombe is a graduate of the U.S. Military Academy at West Point, where he received a bachelor of science in computer science. He also has masters degrees from Chaminade University of Honolulu in information systems as well as George Washington University in computer science.
Update: This story was updated following publication with news about USPTO naming Deborah Stephens acting CIO.
GSA inks governmentwide deal with AWS, touting $1B in potential savings
The General Services Administration has negotiated a governmentwide purchasing agreement with Amazon Web Services that could save agencies up to $1 billion through credits for AWS services.
The deal, announced Thursday, is the latest in a flurry of so-called OneGov agreements GSA has initiated under the Trump administration to consolidate and centralize IT purchasing at scale and unlock greater, consistent savings for civilian agencies, rather than agencies negotiating one-off contracts with vendors themselves. In recent weeks, the agency has announced similar deals with OpenAI, Docusign and Uber.
As part of the governmentwide package, AWS has come to the table offering direct incentive credits that could total up to $1 billion in value for cloud services, modernization support and training.
The deal will run through Dec. 31, 2028.
In addition to streamlining federal IT procurement by working as a single, unified federal entity, GSA’s OneGov initiative also aims to work directly with technology developers themselves, rather than through intermediaries such as value-added resellers. As such, GSA touts the potential for additional savings by contracting directly with the cloud giant for its services.
Josh Gruenbaum, commissioner of GSA’s Federal Acquisition Service, sees the digital transformation enabled through this deal as a key step toward bringing the Trump administration’s AI Action Plan to life.
“GSA’s OneGov continues to deliver critical technology solutions to federal agencies while securing the best value for our most important stakeholders — the American taxpayer,” Gruenbaum said in a statement. “We are grateful for AWS’s partnership as GSA continues to equip agencies with modern solutions at scale and at savings. Through this unique partnership, the federal government is poised to deliver on President Trump’s AI Action Plan and solidify its position as the global AI leader.”
AWS joins some of its biggest cloud competitors in negotiating a OneGov deal with GSA. Hyperscale cloud service providers Microsoft, Google and Oracle already inked agreements with the agency earlier this year.
Federal agencies can buy ChatGPT for $1 through GSA deal
OpenAI will offer its ChatGPT product to federal agencies for $1 for one year, marking the artificial intelligence firm’s latest effort to expand use of its generative AI chatbot across the federal government.
The General Services Administration announced the new deal Wednesday as part of its OneGov Strategy, stating it supports the White House’s AI Action Plan, which encourages widespread adoption of AI in the federal government.
Under this latest OneGov partnership, OpenAI’s ChatGPT Enterprise product can be purchased by federal agencies for $1 per agency for one year. GSA called this a “deeply discounted rate.” GSA’s OneGov strategy is a new initiative focused on modernizing how the government buys goods and services at scale.
“One of the best ways to make sure AI works for everyone is to put it in the hands of the people serving the country,” OpenAI CEO Sam Altman said in a statement.
OpenAI, in a blog post Wednesday, said the availability of AI tools across the federal government will allow workers to “spend less time on red tape and paperwork.”
The ChatGPT Enterprise product comes with “enterprise-grade security and privacy,” along with unlimited access to OpenAI’s leading ChatGPT models, customization options and data analysis tools, according to OpenAI.
OpenAI emphasized ChatGPT Enterprise does not use business data to train or improve models and the same guidelines will apply to the federal government and the sensitive information it often handles.
The partnership is part of the OpenAI for Government initiative, which the company launched in June to introduce its tools to the U.S. government.
In addition to the ChatGPT Enterprise product, OpenAI said it will also offer educational tools and training through its OpenAI Academy platform.
Josh Gruenbaum, commissioner of the GSA’s Federal Acquisition Service, said the agency is encouraging other American AI technology companies to work with GSA’s OneGov strategy, a new initiative focused on modernizing how the government buys goods and services.
The announcement comes just one day after GSA revealed OpenAI’s ChatGPT, Google’s Gemini and Anthropic’s Claude models were approved for the agency’s Multiple Award Schedule, giving other federal, state and local governments access to these AI products for a cheaper price.
A spokesperson for Anthropic told FedScoop the company is working closely with the government on a similar deal to offer its Claude model for $1.
Google did not immediately respond to FedScoop’s request for comment on its government pricing plans.
OPM officially sunsets ‘five bullets’ emails for federal workers
The Office of Personnel Management has officially halted its efforts to collect five bullet points from federal workers about what they did the previous week, indicating it will instead support agency-based performance management.
“We communicated with agency HR leads that OPM was no longer going to manage the five things process nor utilize it internally,” OPM Director Scott Kupor said in a written statement. “At OPM, we believe that managers are accountable to staying informed about what their team members are working on and have many other existing tools to do so.”
The news was originally reported by Reuters and comes a week after Kupor told FedScoop he would review the initiative to see if it was adding value. He also indicated that artificial intelligence was used to analyze those emails, partly confirming reports that the technology was used to review those messages — though Kupor said it likely wasn’t an in-depth analysis.
The five bullets emails were first announced in February by then DOGE-affiliated Elon Musk on his social media site X. He threatened that if people didn’t respond, it would be “taken as a resignation.”
That effort was immediately met with caution from agencies, which in some cases told workers to respond carefully and in others told workers not to respond. It also prompted concerns about the security of that information, particularly given the agency’s history with a 2015 cyber breach that exposed personally identifiable information of roughly 22 million people.
Musk has since left the government after an apparent falling out with President Donald Trump, and the DOGE doesn’t currently have anyone located at OPM, which was once a hub for the efficiency group. Kupor told FedScoop last week that DOGE was a “catalyst,” but now it’s time to put efficiency into the agency’s operations.
When asked about those messages in an interview last week, Kupor told FedScoop that the effort had quieted down in recent months and indicated he planned to review its continuation. Following that interview, an agency spokeswoman confirmed that responsive emails were still coming to OPM’s inboxes.
In lieu of the messages, OPM also said Tuesday that it planned to support agencies transitioning to “rigorous performance management” — including regular check-ins — that were called for in a June OPM memo.
Senate bill calls for FCC-led task force to combat overseas robocalls
To better battle the scourge of robocalls plaguing Americans’ phones, a bipartisan pair of senators is pushing new legislation that would require the Federal Communications Commission to train its eyes on scammers operating abroad.
The Foreign Robocall Elimination Act from Sens. Ted Budd, R-N.C., and Peter Welch, D-Vt., charges the FCC with creating a public-private task force focused on finding new methods to eliminate unlawful robocalls that are made by overseas actors, an effort that Budd said is aimed at better protecting Americans “from being preyed on by criminal enterprises across the globe.”
“Robocalls from scammers aren’t just annoying, they victimize tens of millions of Americans, stealing billions of dollars from unsuspecting individuals,” the North Carolina Republican said in a press release Tuesday. “With many robocalls originating overseas, combining the efforts of government agencies in charge of protecting Americans from scams with private sector expertise will help us stay ahead of cutting-edge technologies used by foreign criminal enterprises.”
The bill, Budd added, builds on “the important steps Congress has taken to curb these harmful robocalls,” referring to the TRACED Act. The 2019 law was meant to deter criminal robocall violations and bolster enforcement of section 227(b) of the Communications Act, which restricts the use of automated phone dialing systems.
Despite the enactment of the TRACED Act and subsequent congressional and FCC efforts, robocalls remain a serious problem. Welch said in the press release that “Vermonters receive nearly 3.5 million robocalls every month. And it’s not only our state — folks in red and blue states alike are sick and tired of picking up the phone and wondering if they’re talking to a friend or being scammed.”
Under the new bill, the FCC task force — created in consultation with the Federal Trade Commission and the attorney general — would enlist other relevant federal agencies and seven private sector representatives, including voice service providers, analytics providers, technologists and other experts.
There would also be someone from the marketing world who “communicates with consumers by telephone as part of the normal course of business,” per the bill text, as well as a business or nonprofit rep who uses the phone for non-marketing purposes and someone from an organization that advocates for consumers and has relevant experience combating robocalls.
Once assembled, the task force would prepare a report for federal agencies and for Congress that contains recommendations to ward off unwanted robocalls and makes recommendations for doing so. The report would examine issues including caller ID technologies in foreign countries, which nations have emerged as primary source points for foreign calls, the magnitude of financial losses and stolen identities, and potentially better technical solutions, among other measures.
From an enforcement standpoint, the bill charges the task force with exploring options for a stronger Department of Justice presence. There would also be an exploration of incentivizing foreign countries to cooperate with U.S. law enforcement on the matter.
The press release announcing the bill touted key endorsements from AARP and USTelecom – The Broadband Association.
“Illegal robocalls are not just a nuisance — they’re a threat to vulnerable Americans and a tool for scammers around the world,” said Josh Bercu, senior vice president of the trade group and executive director of the Industry Traceback Group. “Thanks to strong partnerships between the Industry Traceback Group and federal, state, and local law enforcement, we’ve made measurable progress in stopping these bad actors. The Foreign Robocall Elimination Act builds on this success to empower industry and law enforcement to use what works to crack down on the bad actors overseas preying on Americans.”
Why identity is the definitive cyber defense for federal agencies
Identity has become the new cybersecurity perimeter. As federal agencies rapidly adopt cloud services, AI-powered tools and hybrid work models, identity security is now central to mission assurance.
However, for many federal leaders, identity management remains a complex puzzle. The abundance of tools — from password managers to identity governance systems — often leads to fragmented environments and operational gaps. Even when agencies understand its importance, aligning identity investments with mission objectives remains a significant hurdle.
Adding to this complexity is a rapidly evolving environment in which cyber threats are becoming more sophisticated. AI-driven attacks mimic human behavior, bypassing traditional defenses with alarming speed. Static controls and perimeter-centric thinking can’t keep up. Identity governance, behavioral analytics and adaptive access controls must work in tandem to stay ahead of AI-enabled threats.
Federal agencies need integrated, adaptive identity architectures that continuously verify users and devices in real time. Implementing these layered protections not only improves security but also enhances user experience by adapting to risk in real time. In addition, agencies that adopt these capabilities are better equipped to defend against emerging threats without sacrificing efficiency.
A trusted partner for identity security
That’s where Optiv + ClearShark makes a difference. We bring a cybersecurity-first approach to identity, helping federal agencies reduce risk, meet compliance and streamline operations. Unlike one-size-fits-all providers, we help agencies optimize their existing investments — whether they use SailPoint, BeyondTrust, Ping or Okta. Our team understands how to integrate these technologies into a framework that fits the federal context. In other words, we tailor solutions to the mission, not the other way around.
In fact, our edge lies in our people. Many of our consultants and engineers are former federal employees with clearances and firsthand experience navigating agency environments. Their insights help bridge the gap between vendor capabilities and federal mission needs.
In the past 18 months, we’ve delivered managed identity services across the defense and intelligence communities. These solutions include secure monitoring and identity operations in highly classified cloud environments, supported through partnerships with AWS, Splunk and others.
By offloading infrastructure and operations to our cleared teams, agencies gained enhanced identity assurance and significant cost savings while maintaining full compliance with federal security standards.
Accelerating modernization with confidence
Modernization doesn’t need to come at the expense of security or compliance. A pilot-driven approach allows agencies to validate identity solutions in their own environments before scaling. This reduces risk, accelerates return on investment and ensures audit readiness.
For example, one civilian agency we supported had invested heavily in identity tools but continued to fail penetration tests and struggled with governance gaps between identity and security teams. By deploying SailPoint and BeyondTrust in a phased, integrated rollout and aligning the solution to compliance and security objectives, we helped the agency pass red team exercises, reduce manual identity processes and establish a scalable identity framework for future growth.
The mission starts with identity
Identity is the most targeted attack surface in federal IT today. Protecting it is not just an IT imperative; it’s a mission-critical requirement. But success requires more than tools. It requires deep expertise, integration and continuous improvement.
With the right strategy and trusted support, agencies can secure their identity infrastructure, meet audit requirements, and modernize with purpose. The stakes have never been higher, and identity has never mattered more in federal cybersecurity.
Learn more about how Optiv + ClearShark takes a cybersecurity-centric approach to identity management for government.
This article was sponsored by Optiv + ClearShark.
Anthropic, Google and OpenAI land GSA contract for governmentwide use
Agencies across the federal government will now be able to buy certain artificial intelligence products from OpenAI, Google and Anthropic, the General Services Administration announced Tuesday in the agency’s latest embrace of automation tools in government.
The GSA revealed that Anthropic’s Claude, Google’s Gemini, and OpenAI’s ChatGPT products were added to the agency’s Multiple Award Schedule, providing other federal, state, and local governments with access to these AI products for a cheaper price.
Acting GSA Administrator Michael Rigas linked the move to President Donald Trump’s AI Action Plan, which encourages increased use of AI in the federal government.
“By making these cutting-edge AI solutions available to federal agencies, we’re leveraging the private sector’s innovation to transform every facet of government operations,” Rigas said in a statement. “From streamlining back-office processes to revolutionizing employee and citizen experiences and reimagining how we deliver mission-critical services, AI holds immense opportunities.”
The GSA said it hopes the schedule additions will “facilitate strong, widespread federal agency adoption and ensure easy access to improve their everyday workflows and processes.”
Josh Gruenbaum, commissioner of the GSA’s Federal Acquisition Service, also referenced Trump’s AI Action Plan in the Tuesday announcement, pointing to the roadmap’s emphasis on preventing “ideological bias” in AI models.
The 28-page action plan, released last month, said federal agencies should ensure AI systems are “built from the ground up with freedom of speech and expression in mind,” and that AI used by the government “objectively reflects truth rather than social engineering agendas.”
“As we procure these products, we’re focused on models that prioritize truthfulness, accuracy, transparency, and freedom from ideological bias, aligning with the Trump Administration’s policy that federally procured AI systems must prioritize truth and accuracy over ideological agendas,” Gruenbaum said in a statement.
Generative AI companies like OpenAI and Anthropic have pursued FedRAMP accreditation, though the process is often lengthy. To work around this, these AI companies have recently partnered with platforms like Microsoft Azure commercial cloud or Amazon Web Services to offer their technology to federal agencies while awaiting accreditation.
The announcement comes as GSA looks to bring its own AI chatbot, GSAi, to other agencies as well.
Zach Whitman, GSA’s chief AI officer and data officer, said last week that the agency is regularly using GSAi, which was rolled out internally in March, but is now pursuing the “next iteration” for the platform.
GSAi gives users access to several models, including ones from OpenAI, Anthropic and Google, and aims to boost workflow efficiency at the agency.
“We’re in active conversations right now with other agencies — how we can empower other agencies like ourselves to make better buying decisions,” Whitman said last week.
Should GSAi be offered to other federal agencies, GSA would still be the responsible agency for maintaining the infrastructure and analytics of the platform, Whitman said.