(Bloomberg) — Systems at the U.S. Treasury Department used by senior officials were accessed by hackers in a widespread cyberattack on federal agencies, according to Senator Ron Wyden.
“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known,” Wyden, the top Democrat on the Senate Finance Committee, said in a statement Monday. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”
Wyden, and Senate Finance Committee Chairman Chuck Grassley, had requested to meet with Treasury and IRS officials after the discovery of the data breach affecting multiple agency systems. A Treasury Department spokesperson didn’t immediately reply to a request for comment outside of office hours.
Microsoft Corp. told the Treasury that dozens of email accounts were compromised, the statement said. The hackers breached systems in the Treasury’s Departmental Offices unit, which contains the highest-ranking officials. The IRS does not appear to be affected by the attack.
U.S. government agencies were attacked as part of a global campaign orchestrated by hackers believed to be tied to the Russian government, according to U.S. officials. The hackers were reported to have installed a malicious vulnerability in software from Texas-based SolarWinds Corp., whose customers include top government agencies and Fortune 500 companies.
All federal civilian agencies were ordered by the U.S. Cybersecurity and Infrastructure Security Agency to review their networks and disconnect or power down SolarWinds’s Orion software products immediately.
Attorney General William Barr on Monday joined other administration officials, including Secretary of State Michael Pompeo, in pointing to Russia for being behind the hack.
“It certainly appears to be the Russians but I’m not going to discuss it beyond that,” Barr, whose last day in office is Wednesday, said at the Justice Department, contradicting President Donald Trump who suggested China may have been responsible.
House Energy and Commerce Committee Chairman Frank Pallone, a New Jersey Democrat, said his panel had also been told about the hacks.
“The committee has been briefed by several agencies and departments, and is assessing the potential impacts across its broad jurisdiction, including energy, health care, and telecommunications networks,” Pallone said in a statement.