WASHINGTON (REUTERS, BLOOMBERG) - Dozens of email accounts at the US Treasury Department were compromised by the powerful hackers responsible for a wide-ranging espionage campaign against US government agencies, the office of US Senator Ron Wyden said on Monday (Dec 21).
In a written statement, Wyden's office said that Senate Finance Committee staff were briefed that the hack of the Treasury Department appears to have been a significant one, "the full depth of which isn't known."
Wyden, the most senior Democrat on the committee, said that Microsoft notified the agency that dozens of email accounts had been compromised and that the hackers also penetrated the systems at Treasury's Departmental Offices division, which is home to its top officials.
"Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen," the statement said, although it added that the Internal Revenue Service said there was no evidence the tax agency was compromised or that taxpayer data was affected.
Wyden's statement carried a considerably more pessimistic tone than the one taken by Treasury Secretary Steven Mnuchin, who told CNBC earlier in the day that "the good news is there has been no damage, nor have we seen any large amounts of information displaced."
"I can assure you, we are completely on top of this," he said.
The Treasury declined to add to Mnuchin's comments, and did not immediately return a message seeking comment on Wyden's statement.
A Wyden aide said the hackers were able to access the Treasury officials' Microsoft-hosted inboxes after taking control of the cryptographic key used by Treasury's "single sign on" infrastructure - a service used in many organisations so that employees can access a variety of services with a single username and password.
The aide quoted Treasury officials as saying Mnuchin's inbox was not among those affected.
Microsoft did not immediately return a message seeking comment.
US governments and cyber-security experts in several countries are still struggling to get their arms around the breach, which began earlier this year when hackers subverted the Texas-based software company SolarWinds and used the company as a springboard to jump deep into government and corporate networks.
All federal civilian agencies were ordered by the US Cybersecurity and Infrastructure Security Agency to review their networks and disconnect or power down SolarWinds's Orion software products immediately.
House Energy and Commerce Committee Chairman Frank Pallone, a New Jersey Democrat, said his panel had also been told about the hacks.
"The committee has been briefed by several agencies and departments, and is assessing the potential impacts across its broad jurisdiction, including energy, health care, and telecommunications networks," Pallone said in a statement.
Top US officials - including Secretary of State Mike Pompeo - have blamed Russia for the espionage operation, although some officials and experts have told Reuters it is too soon to know for sure who is behind the breach.
The Kremlin has denied any involvement. Republican President Donald Trump, who has spent much of his term in office defending Russia from various allegations of hacking and interference, downplayed the breach and raised the possibility that China might be involved.
Attorney-General Bill Barr on Monday became the latest Trump loyalist to break with the outgoing president on the issue, telling a news conference that he agreed with Pompeo's assessment: "It certainly appears to be the Russians but I am not going to discuss it beyond that."
