SPONSORED:

Senate Democrat says cyberattack on Treasury 'appears to be significant'

Sen. Ron WydenRonald (Ron) Lee WydenHawley files ethics counter-complaint against seven Democratic senators Hillicon Valley: Intelligence agency gathers US smartphone location data without warrants, memo says | Democrats seek answers on impact of Russian hack on DOJ, courts | Airbnb offers Biden administration help with vaccine distribution Intelligence agency gathers US smartphone location data without warrants, memo says MORE (D-Ore.) said on Monday that a cyberattack at the Department of Treasury reported by media outlets last week “appears to be significant.”

Wyden, the ranking member of the Senate Finance Committee, released the statement after the committee’s staff was briefed by the Treasury Department and the IRS about the hack of the IT company SolarWinds. 

The Oregon senator said the IRS reported “no evidence that IRS was compromised or taxpayer data was affected,” but he added, “The hack of the Treasury Department appears to be significant.”

ADVERTISEMENT

“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known,” Wyden said. “Microsoft notified the agency that dozens of email accounts were compromised.”

“Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” he added. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”

Wyden then slammed government officials who have been “advocating for encryption backdoors, and ignoring warnings from cybersecurity experts who said that encryption keys become irresistible targets for hackers.” 

The Oregon Democrat’s statement follows reports from media outlets that several federal agencies were hacked this year through the cyberattack on SolarWinds. According to The Washington Post, the cyberattack was conducted by a Russian military intelligence group called “Cozy Bear.”

Last week, the Cybersecurity and Infrastructure Security Agency gave an emergency order for federal departments to stop using SolarWinds products. 

ADVERTISEMENT

Wyden and Senate Finance Committee Chairman Chuck GrassleyChuck GrassleyOn The Money: Treasury announces efforts to help people get stimulus payments | Senate panel unanimously advances Yellen nomination for Treasury | Judge sets ground rules for release of Trump taxes Senate panel unanimously advances Yellen nomination for Treasury Finance Committee vote on Yellen nomination scheduled for Friday MORE (R-Iowa) requested the IRS brief the committee on whether sensitive taxpayer information was suspected to have been leaked in the hack. 

Wyden also partnered with Senate Banking Committee ranking member Sherrod BrownSherrod Campbell BrownPortman planned exit sets off Ohio free-for-all Portman won't run for reelection Hawley files ethics counter-complaint against seven Democratic senators MORE (D-Ohio) to call on Treasury Secretary Steven MnuchinSteven MnuchinOn The Money: Senate confirms Yellen as first female Treasury secretary | Biden says he's open to tighter income limits for stimulus checks | Administration will look to expedite getting Tubman on bill Senate confirms Yellen as first female Treasury secretary Biden administration will look to expedite getting Tubman on bill MORE to provide more information on the breach of the department.

Mnuchin told CNBC on Monday that the cyberattack involved "unclassified systems," saying, "we do not see any break in into our classified systems."

"Our unclassified systems did have some access," he said. "I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced."

"This is something that ... will be continued to be focused on, but we are – we are working with the National Security Council, we’re working with the Intel agencies and, and I can assure you, we are completely on top of this." 

Updated 10:48 a.m.