Senate Democrat says cyberattack on Treasury 'appears to be significant'

Sen. Ron WydenRonald (Ron) Lee WydenThese Senate seats are up for election in 2022 Democrats call on Biden administration to ease entry to US for at-risk Afghans Schumer opted for modest rules reform after pushback from moderates MORE (D-Ore.) said on Monday that a cyberattack at the Department of Treasury reported by media outlets last week “appears to be significant.”

Wyden, the ranking member of the Senate Finance Committee, released the statement after the committee’s staff was briefed by the Treasury Department and the IRS about the hack of the IT company SolarWinds. 

The Oregon senator said the IRS reported “no evidence that IRS was compromised or taxpayer data was affected,” but he added, “The hack of the Treasury Department appears to be significant.”

ADVERTISEMENT

“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known,” Wyden said. “Microsoft notified the agency that dozens of email accounts were compromised.”

“Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” he added. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”

Wyden then slammed government officials who have been “advocating for encryption backdoors, and ignoring warnings from cybersecurity experts who said that encryption keys become irresistible targets for hackers.” 

The Oregon Democrat’s statement follows reports from media outlets that several federal agencies were hacked this year through the cyberattack on SolarWinds. According to The Washington Post, the cyberattack was conducted by a Russian military intelligence group called “Cozy Bear.”

Last week, the Cybersecurity and Infrastructure Security Agency gave an emergency order for federal departments to stop using SolarWinds products. 

ADVERTISEMENT

Wyden and Senate Finance Committee Chairman Chuck GrassleyChuck GrassleyThese Senate seats are up for election in 2022 Hillicon Valley — Senate panel advances major antitrust bill Senate panel advances bill blocking tech giants from favoring own products MORE (R-Iowa) requested the IRS brief the committee on whether sensitive taxpayer information was suspected to have been leaked in the hack. 

Wyden also partnered with Senate Banking Committee ranking member Sherrod BrownSherrod Campbell BrownThese Senate seats are up for election in 2022 Biden calls Intel's B investment to build chip factories a tool for economic recovery Democrats see good chance of Garland prosecuting Trump MORE (D-Ohio) to call on Treasury Secretary Steven MnuchinSteven MnuchinConservatives are outraged that Sarah Bloom Raskin actually believes in capitalism Suspect in Khashoggi murder arrested The Hill's Morning Report - Presented by Facebook - Biden to tackle omicron risks with new travel rules MORE to provide more information on the breach of the department.

Mnuchin told CNBC on Monday that the cyberattack involved "unclassified systems," saying, "we do not see any break in into our classified systems."

"Our unclassified systems did have some access," he said. "I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced."

"This is something that ... will be continued to be focused on, but we are – we are working with the National Security Council, we’re working with the Intel agencies and, and I can assure you, we are completely on top of this." 

Updated 10:48 a.m.