Hackers believed to be working on behalf of the Russian government were able to access dozens of email accounts at the U.S. Treasury Department, including those belonging to the agency's most senior officials, Sen. Ron Wyden (D-Ore.) said Monday night.
Wyden, the top Democrat on the Senate Finance Committee, said committee staffers learned during a briefing on Monday that according to Microsoft, hackers were able to penetrate the systems at the Treasury's Departmental Offices division, home to the the department's top officials. While the Treasury Department "still does not know all of the actions taken by hackers, or precisely what information was stolen," there is no evidence the Internal Revenue Service was compromised, Wyden said in his statement.
A Wyden aide told Reuters that hackers were able to get into the Treasury's systems by taking control of a cryptographic key used by the department so employees can gain access to different services using one user name and password. Treasury officials told the Senate Finance Committee that Treasury Secretary Steven Mnuchin's email inbox was not targeted, the aide said.
The Treasury breach began in July, Wyden said, but experts believe the cyber-espionage campaign started earlier in the year, when hackers first compromised software made by the company SolarWinds, allowing them to penetrate government agency networks. While Secretary of State Mike Pompeo and Attorney General William Barr have both said they think the Kremlin was responsible for the cyber attack, President Trump has attempted to downplay the massive hacking, even suggesting China was actually behind it. Russia has denied any involvement.