'Dozens of email accounts' were hacked at U.S. Treasury -Senator Wyden
Send a link to a friend
 [December 22, 2020] By
Raphael Satter
WASHINGTON (Reuters) -Dozens of email
accounts at the U.S. Treasury Department were compromised by the
powerful hackers responsible for a wide-ranging espionage campaign
against U.S. government agencies, the office of U.S. Senator Ron Wyden
said on Monday.
In a written statement, Wyden's office said that Senate Finance
Committee staff were briefed that the hack of the Treasury Department
appears to have been a significant one, "the full depth of which isn't
known."
Wyden, the most senior Democrat on the committee, said that Microsoft
notified the agency that dozens of email accounts had been compromised
and that the hackers also penetrated the systems at Treasury's
Departmental Offices division, which is home to its top officials.
"Treasury still does not know all of the actions taken by hackers, or
precisely what information was stolen," the statement said, although it
added that the Internal Revenue Service said there was no evidence the
tax agency was compromised or that taxpayer data was affected.
Wyden's statement carried a considerably more pessimistic tone than the
one taken by Treasury Secretary Steven Mnuchin, who told CNBC earlier in
the day that "the good news is there has been no damage, nor have we
seen any large amounts of information displaced."
"I can assure you, we are completely on top of this," he said.
The Treasury declined to add to Mnuchin's comments, and did not
immediately return a message seeking comment on Wyden's statement.
A Wyden aide said the hackers were able to access the Treasury
officials' Microsoft-hosted inboxes after taking control of the
cryptographic key used by Treasury's "single sign on" infrastructure - a
service used in many organizations so that employees can access a
variety of services with a single username and password.
[to top of second column] |
The SolarWinds logo is seen outside its headquarters in Austin,
Texas, U.S., December 18, 2020. REUTERS/Sergio Flores
The aide quoted Treasury officials as saying Mnuchin's inbox was not among those
affected.
Microsoft did not immediately return a message seeking comment.
U.S. governments and cybersecurity experts in several countries are still
struggling to get their arms around the breach, which began earlier this year
when hackers subverted the Texas-based software company SolarWinds and used the
company as a springboard to jump deep into government and corporate networks.
Top U.S. officials - including Secretary of State Mike Pompeo - have blamed
Russia for the espionage operation, although some officials and experts have
told Reuters it is too soon to know for sure who is behind the breach.
The Kremlin has denied any involvement. Republican President Donald Trump, who
has spent much of his term in office defending Russia from various allegations
of hacking and interference, downplayed the breach and raised the possibility
that China might be involved.
Attorney General Bill Barr on Monday became the latest Trump loyalist to break
with the outgoing president on the issue, telling a news conference that he
agreed with Pompeo's assessment: "It certainly appears to be the Russians but I
am not going to discuss it beyond that."
(Reporting by Raphael Satter; Editing by Lisa Shumaker and Sonya Hepinstall)
[© 2020 Thomson Reuters. All rights
reserved.] Copyright 2020 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
