Senate Democrat says cyberattack on Treasury 'appears to be significant'

Sen. Ron WydenRonald (Ron) Lee WydenHillicon Valley: Intelligence agency gathers US smartphone location data without warrants, memo says | Democrats seek answers on impact of Russian hack on DOJ, courts | Airbnb offers Biden administration help with vaccine distribution Intelligence agency gathers US smartphone location data without warrants, memo says Senate panel unanimously advances Yellen nomination for Treasury MORE (D-Ore.) said on Monday that a cyberattack at the Department of Treasury reported by media outlets last week “appears to be significant.”

Wyden, the ranking member of the Senate Finance Committee, released the statement after the committee’s staff was briefed by the Treasury Department and the IRS about the hack of the IT company SolarWinds. 

The Oregon senator said the IRS reported “no evidence that IRS was compromised or taxpayer data was affected,” but he added, “The hack of the Treasury Department appears to be significant.”


“According to Treasury staff, the agency suffered a serious breach, beginning in July, the full depth of which isn’t known,” Wyden said. “Microsoft notified the agency that dozens of email accounts were compromised.”

“Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” he added. “Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen.”

Wyden then slammed government officials who have been “advocating for encryption backdoors, and ignoring warnings from cybersecurity experts who said that encryption keys become irresistible targets for hackers.” 

The Oregon Democrat’s statement follows reports from media outlets that several federal agencies were hacked this year through the cyberattack on SolarWinds. According to The Washington Post, the cyberattack was conducted by a Russian military intelligence group called “Cozy Bear.”

Last week, the Cybersecurity and Infrastructure Security Agency gave an emergency order for federal departments to stop using SolarWinds products. 


Wyden and Senate Finance Committee Chairman Chuck GrassleyChuck GrassleyOn The Money: Treasury announces efforts to help people get stimulus payments | Senate panel unanimously advances Yellen nomination for Treasury | Judge sets ground rules for release of Trump taxes Senate panel unanimously advances Yellen nomination for Treasury Finance Committee vote on Yellen nomination scheduled for Friday MORE (R-Iowa) requested the IRS brief the committee on whether sensitive taxpayer information was suspected to have been leaked in the hack. 

Wyden also partnered with Senate Banking Committee ranking member Sherrod BrownSherrod Campbell BrownSenators introduce bill to award Officer Goodman the Congressional Gold Medal Senate panel unanimously advances Yellen nomination for Treasury Senate Democrats file ethics complaint against Hawley, Cruz over Capitol attack MORE (D-Ohio) to call on Treasury Secretary Steven MnuchinSteven MnuchinBiden can hold China accountable for human rights abuses by divesting now Pence delivers coronavirus task force report to Biden Treasury imposes additional sanctions on Cuba over allegations of 'serious human rights abuse' MORE to provide more information on the breach of the department.

Mnuchin told CNBC on Monday that the cyberattack involved "unclassified systems," saying, "we do not see any break in into our classified systems."

"Our unclassified systems did have some access," he said. "I will say the good news is there’s been no damage, nor have we seen any large amounts of information displaced."

"This is something that ... will be continued to be focused on, but we are – we are working with the National Security Council, we’re working with the Intel agencies and, and I can assure you, we are completely on top of this." 

Updated 10:48 a.m.