Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Senator: Treasury Dept. email accounts compromised in hack

Dozens of email accounts at the Treasury Department were compromised in the massive breach of U.S. government agencies being blamed on Russia

Via AP news wire
Monday 21 December 2020 20:55 EST
Federal Agencies Hacked Consequences
Federal Agencies Hacked Consequences (Copyright 2016 The Associated Press. All rights reserved.)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Dozens of email accounts at the Treasury Department were compromised in a massive breach of U.S. government agencies being blamed on Russia with hackers breaking into systems used by the department s highest-ranking officials, a senator said Monday after being briefed on the matter

Sen. Ron Wyden, D-Ore., provided new details of the hack following a briefing to the Senate Finance Committee by the IRS and Treasury Department.

Wyden said that though there is no indication that taxpayer data was compromised, the hack “appears to be significant,” including through the compromise of dozens of email accounts and access to the Departmental Offices division of the Treasury Department, which the senator said was home to its highest-ranking officials. In addition, the breach appears to involve the theft of encryption keys, Wyden said.

“Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen,” Wyden said in a statement.

It is also not clear what Russian hackers intend to do with any emails they may have accessed.

A Treasury Department spokeswoman declined to comment on Wyden's statement.

Treasury was among the earliest known agencies reported to have been affected in a breach that now encompasses a broad spectrum of departments. The effects and consequences of the hack are still being assessed, though the Department of Homeland Security's cybersecurity arm said in a statement that the intrusion posed a “grave” risk to government and private networks.

In the Treasury Department's case, Wyden said, the breach began in July. But experts believe the overall hacking operation began months earlier when malicious code was slipped into updates to popular software that monitors computer networks of businesses and governments. The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization’s networks so they could steal information.

It wasn’t discovered until the prominent cybersecurity company FireEye determined it had been hacked.

Tech giant Microsoft which has helped respond to the breach, revealed last week that it had identified more than 40 government agencies, think tanks, nongovernmental organizations and IT companies infiltrated by the hackers. Microsoft notified the Treasury Department that dozens of email accounts were compromised.

President Donald Trump sought to downplay the severity of the hack last week, tweeting without any evidence that perhaps China was responsible. At least two Cabinet members, Secretary of State Mike Pompeo and Attorney General William Barr, have stated publicly that they believe Russia was responsible, the consensus of others in the U.S. government and of the cybersecurity community.

____

Follow Eric Tucker on Twitter at http://www.twitter.com/etuckerAP

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in