Republican lawmakers are swiftly urging the Treasury Department to provide answers on a recent cybersecurity attack from China that infiltrated various workstations, as outlined in a letter obtained by The Hill.
“This breach of federal government information is extremely concerning. As you know, Treasury maintains some of the most highly sensitive information on U.S. persons throughout government, including tax information, business beneficial ownership, and suspicious activity reports,” Sen. Tim Scott (R-S.C.), a ranking member on the Senate Committee for Banking, Housing and Urban Affairs alongside House Financial Services Committee Vice Chair Rep. French Hill (R-Ark.) wrote to Treasury Secretary Janet Yellen.
“This information must be vigilantly protected from theft or surveillance by our foreign adversaries, including the Chinese Communist Party (“CCP”), who seek to harm the United States,” they wrote.
Chinese state-sponsored actors hacked into the Treasury Department in early December, accessing unclassified documents from its workstations, the agency told lawmakers last week. The hackers stole a key from a software service provider, BeyondTrust, and gained access to the department’s workstations.
Scott and Hill (R-Ark.) are requesting a briefing on the breach in eight days with full detail on the information accessed by the hackers, specifics on those responsible for the incident and how it will be prevented in the future, among other requests.
In an initial letter issued by the Treasury after the attack, the agency noted they are no longer using BeyondTrust and claim there is no evidence the hackers still have access to the workstations.
The Treasury Department originally said they would provide Congress members with an update in 30 days as outlined by the law. However, Scott and Hill said they need answers sooner.
“Treasury takes very seriously all threats against our systems, and the data it holds,” the agency released in a statement immediately following the incident.
“Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors,” the department’s statement reads.
