The US Treasury Building in Washington, DC.
Chip Somodevilla/Getty Images
The scope of a sophisticated Russian hacking campaign that has penetrated both US federal agencies and private companies continues to be revealed. The hackers managed, among other things, to break into the email system used by senior leadership at the Treasury Department, according to a report Monday from The New York Times. The Treasury Department acknowledged it had “suffered a serious breach, beginning in July,” Sen. Ron Wyden reportedly said following a briefing for the Senate Finance Committee, adding that the “full depth” of the hack isn’t known. Wyden added that the department learned about the breach from Microsoft, which runs much of its communications software, according to the Times.
Editors’ top picks
Subscribe to CNET Now for the day’s most interesting reviews, news stories and videos.
In addition to the Treasury Department, agencies believed to have been impacted by the widespread cyberattack include the departments of Homeland Security, State and Commerce, as well as the National Institutes of Health. The breach started with hackers compromising cybersecurity firm SolarWinds, which sells software that lets organizations see what’s happening on their computer networks. Dozens of private companies — including Microsoft, Cisco, Intel and FireEye — were also reportedly infected with the malware. Last week, US national security agencies issued a joint statement calling the activity a “significant and ongoing hacking campaign.” Secretary of State Mike Pompeo and some cybersecurity experts have attributed the hack to Russia. The Treasury Department didn’t immediately respond to a request for comment.