The US cybersecurity agency CISA said in a brief statement on Monday that there is “no indication” that other US federal agencies were hacked during the recent cyberattack on the US Treasury Department in December.
The Treasury Department acknowledged on December 30 that the intrusion was the work of Chinese government-backed hackers, telling senior U.S. lawmakers in a letter that the hackers had remote access to Treasury staff workstations and were able to access unclassified documents. . The hackers obtained the private key from BeyondTrust, one of the company's technology vendors, and the department said it is using it for remote technical support, according to the letter. It is not yet clear how the BeyondTrust keys were stolen. The Washington Post reported last week that hackers were specifically targeting the Treasury Department's Global Sanctions Division.
A Chinese government spokesperson in Washington, D.C., previously denied the allegations.
CISA said in a statement Monday that it “continues to monitor the situation and is working with relevant federal authorities to ensure a comprehensive response” following the Treasury Department cyberattack.