Chinese hackers gained remote access to several US Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday.
The department did not provide details on how many workplaces were accessed or what kind of documents hackers may have had, but said in a letter to lawmakers that ' break “there is no evidence at this time to suggest that the actor has threatened to continue. access to Treasury information.”
“Treasury takes seriously all threats against our systems, and the data it contains,” the department said.
“Over the past four years, the Treasury has significantly strengthened its cyber defences, and we will continue to work with private and public sector partners to protect our financial system from threat actors.”
The letter described the setback as a “major event”.
The department said it learned of the problem on Dec. 8 when a third-party software service provider, BeyondTrust, indicated that hackers had stolen a key used by the vendor it helped overcome the system and gain remote access to multiple employee workstations.
The compromised service has since been taken offline, and there is no evidence that hackers still have access to departmental information, said Aditi Hardikar, deputy finance secretary, in Monday's letter to Senate Banking Committee leaders.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency, and that the hack was attributed to Chinese criminals.
He did not elaborate.
