Hackers running a massive cyber-espionage campaign spied on dozens of US Treasury email accounts and accessed the systems used by some of its highest ranking officials, a senior senator said on Monday.
US government agencies have been among the casualties of a wider hacking operation, details of which began to emerge last week, that has been running for the past nine months and is still ongoing.
Senator Ron Wyden, a democratic member of the Senate Finance Committee, said in a statement late on Monday that the Treasury had suffered “a serious breach, beginning in July”, adding that Microsoft had notified the agency that “dozens of email accounts were compromised”.
“Additionally the hackers broke into systems in the Departmental Offices division of Treasury, home to the department’s highest-ranking officials,” said the senator, who had received a briefing with other finance committee staff.
It certainly appears to be the Russians but I’m not going to discuss it beyond that
William Barr, US attorney-general
Senator Wyden said it was unclear what actions had been taken by the perpetrators and what was stolen, but noted that there was no evidence the Inland Revenue Service had been hit, nor that taxpayer data was affected.
Earlier on Monday, Steven Mnuchin, Treasury secretary, confirmed for the first time that his department had been hacked, saying that its unclassified systems had been accessed but its classified systems had not.
“I will say that the good news is there has been no damage, nor have we seen any large amounts of information displaced,” he said in an interview with CNBC.
The hackers gained access by hijacking software from SolarWinds, a Texas-based IT company, which said last week that some 18,000 of its government and business clients globally may have been exposed. 
The commerce and energy department have already confirmed that they have been hacked, while numerous other federal agencies have said they were assessing the situation.
Microsoft, itself a casualty of the attack, said it had identified more than 40 customers that had been singled out for precise and sophisticated targeting, many of which were cyber security and IT companies.
William Barr, attorney-general, on Monday became the latest senior figure in the Trump administration to attribute the hack to the Russian government — contradicting President Donald Trump’s assertion that China may be to blame. 
Mr Barr said he supported comments from Mike Pompeo, secretary of state, who last week suggested that Russia was “pretty clearly” responsible for the sweeping hacking operation.
“From the information I have, I agree with secretary Pompeo’s assessment,” Mr Barr said. “It certainly appears to be the Russians but I’m not going to discuss it beyond that.”
On Saturday, Mr Trump tweeted that the hack — which US cyber officials have warned poses a “grave risk” to the government, critical infrastructure and the private sector — was being overhyped “in the fake news media” and that “everything is well under control”. 
Mr Trump added: “Russia, Russia, Russia is the priority chant when anything happens because Lamestream is, for mostly financial reasons, petrified of discussing the possibility that it may be China (it may!).”
There is widespread consensus among cyber and intelligence experts that the espionage campaign bears hallmarks of a Russian campaign, with the tactics and coding used pointing more specifically to SVR, Russia’s foreign intelligence service. 
The Trump administration has come under fire for not doing more to shore up the government’s cyber defences, as some politicians and cyber experts call for action to be taken against the hackers.