Senator: Treasury email accounts compromised
WASHINGTON — Dozens of email accounts at the Treasury Department were compromised in a massive breach of U. S. government agencies being blamed on Russia, with hackers breaking into systems used by the department’s highestranking officials, a senator said Monday after being briefed on the matter.
Sen. Ron-Wyden, D-Ore., provided new details of the hack following a briefing to Senate Finance Committee staff by the IRS and Treasury Department.
Wyden said that though there is no indication that taxpayer data was compromised, the hack “appears to be significant,” including through the compromise of dozens of email accounts and access to the Departmental Offices division of the Treasury Department, which the senator said was home to its highestranking officials. In addition, the breach appears to involve the theft of encryption keys from U. S. government servers, Wyden said.
“Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen,” Wyden said in a statement.
It is also not clear what Russian hackers intend to do with any emails they may have accessed.
A Treasury Department spokeswoman declined to comment on Wyden’s statement.
Treasury was among the earliest known agencies reported to have been affected in a breach that now encompasses a broad spectrum of departments. The effects and consequences of the hack are still being assessed, though the Department of Homeland Security’s cybersecurity arm said in a statement last week that the intrusion posed a “grave” risk to government and private networks.
In the Treasury Department’s case, Wyden said, the breach began in July. But experts believe the overall hacking operation began months earlier when malicious code was slipped into updates to popular software that monitors computer networks of businesses and governments.
The malware, affecting a product made by U. S. company SolarWinds, gave elite hackers remote access into an organization’s networks so they could steal information.
It wasn’t discovered until the prominent cybersecurity company FireEye determined it had been hacked.