FILE PHOTO: The U.S. Department of the Treasury is seen in Washington, D.C., U.S., August 30, 2020. REUTERS/Andrew Kelly/File Photo
December 22, 2020
By Raphael Satter
WASHINGTON (Reuters) -Dozens of email accounts at the U.S. Treasury Department were compromised by the powerful hackers responsible for a wide-ranging espionage campaign against U.S. government agencies, the office of U.S. Senator Ron Wyden said on Monday.
In a written statement, Wyden’s office said that Senate Finance Committee staff were briefed that the hack of the Treasury Department appears to have been a significant one, “the full depth of which isn’t known.”
Wyden, the most senior Democrat on the committee, said that Microsoft notified the agency that dozens of email accounts had been compromised and that the hackers also penetrated the systems at Treasury’s Departmental Offices division, which is home to its top officials.
“Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen,” the statement said, although it added that the Internal Revenue Service said there was no evidence the tax agency was compromised or that taxpayer data was affected.
Wyden’s statement carried a considerably more pessimistic tone than the one taken by Treasury Secretary Steven Mnuchin, who told CNBC earlier in the day that “the good news is there has been no damage, nor have we seen any large amounts of information displaced.”
“I can assure you, we are completely on top of this,” he said.
The Treasury declined to add to Mnuchin’s comments, and did not immediately return a message seeking comment on Wyden’s statement.
A Wyden aide said the hackers were able to access the Treasury officials’ Microsoft-hosted inboxes after taking control of the cryptographic key used by Treasury’s “single sign on” infrastructure – a service used in many organizations so that employees can access a variety of services with a single username and password.
The aide quoted Treasury officials as saying Mnuchin’s inbox was not among those affected.
Microsoft did not immediately return a message seeking comment.
U.S. governments and cybersecurity experts in several countries are still struggling to get their arms around the breach, which began earlier this year when hackers subverted the Texas-based software company SolarWinds and used the company as a springboard to jump deep into government and corporate networks.
Top U.S. officials – including Secretary of State Mike Pompeo – have blamed Russia for the espionage operation, although some officials and experts have told Reuters it is too soon to know for sure who is behind the breach.
The Kremlin has denied any involvement. Republican President Donald Trump, who has spent much of his term in office defending Russia from various allegations of hacking and interference, downplayed the breach and raised the possibility that China might be involved.
Attorney General Bill Barr on Monday became the latest Trump loyalist to break with the outgoing president on the issue, telling a news conference that he agreed with Pompeo’s assessment: “It certainly appears to be the Russians but I am not going to discuss it beyond that.”
(Reporting by Raphael Satter; Editing by Lisa Shumaker and Sonya Hepinstall)