US Treasury Department email accounts were compromised in the suspected Russian hack of government agencies, a key Democratic senator said Monday, adding new details about the extent of the wide-reaching breach.
Sen. Ron Wyden of Oregon, the top Democrat on the Senate Finance Committee, said in a statement that the committee had been briefed on the hack by Treasury and IRS officials and it “appears to be significant.”
“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known. Microsoft notified the agency that dozens of email accounts were compromised. Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” Wyden said.
“Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”
Wyden did not mention whether Treasury Secretary Steven Mnuchin was impacted by the hack, but noted that IRS officials had relayed that there is no evidence their agency was compromised.
Asked for comment, a Treasury spokesperson referred to Mnuchin’s Monday comments on CNBC: “Our unclassified systems did have some access. I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced,” Mnuchin said.
US officials suspect that Russian-linked hackers were behind the data breach, which also affected the Departments of Homeland Security, Agriculture and Commerce.
While the exact scope and scale of the hack remain to be seen, it is already becoming clear that this marks one of the most significant breaches of the US government in years. It also shows that Russia and other foreign actors continue to exploit US cyber vulnerabilities — an issue that will likely present a challenge for the incoming Biden administration.
The software that the suspected Russian malware was delivered with, SolarWinds Orion, has as many as 18,000 global customers, including government agencies, private companies and other organizations.
Microsoft said last week that the attack “reached many major national capitals outside Russia.”
Still, President Donald Trump has repeatedly downplayed the massive cyberattack, tweeting without evidence “it may be China” that’s responsible.
Instead of condemning the attack, or Russia, he wrote that he had been “fully briefed and everything is well under control” — despite officials in his administration having said last week that the cyberattack “poses a grave risk” to networks across both the public and private sectors.
This story has been updated to include a response from the Treasury Department.