The agency said Monday that Chinese hackers gained remote access to several U.S. Treasury workstations and unclassified documents after hacking into a third-party software services provider.
The department did not provide details on how many workstations were accessed or what documents the hackers may have obtained, but in a letter to lawmakers revealing the breach it said that “there is no evidence at this time to indicate that the threat actor continues to access tax information.” “
“Treasury takes all threats against our systems and stored data very seriously,” the department said.
“Over the past four years, Treasury has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors.”
The letter described the break-in as a “serious incident.”
The department said it became aware of the problem on Dec. 8, when third-party software services provider BeyondTrust reported that hackers had stolen a key used by the vendor that helped it bypass the system and gain remote access to several employee workstations.
The affected service has since been disabled and there is no evidence that hackers still have access to department information, Deputy Treasury Secretary Aditi Hardikar said in a Monday letter to Senate Banking Committee leaders.
The department said it was cooperating with the FBI and the Cybersecurity and Infrastructure Security Agency, and the hack was attributed to Chinese culprits.
Not specified.