U.S. Sen. Tim Scott (R-SC) and U.S. Rep. French Hill (R-AR) are seeking answers about the China state-sponsored cybersecurity breach at the U.S. Department of Treasury.
In a letter to Treasury Secretary Janet Yellen, Scott and Hill wanted more information about the protocols for safeguarding sensitive federal government information.
“We write regarding the major cybersecurity incident that the Department of the Treasury disclosed to the Senate Banking and House Financial Services Committees yesterday involving a China state-sponsored Advanced Persistent Threat actor breaking into Treasury’s computer systems and remotely accessing information maintained by Treasury users. This breach of federal government information is extremely concerning. As you know, Treasury maintains some of the most highly sensitive information on U.S. persons throughout government, including tax information, business beneficial ownership, and suspicious activity reports. This information must be vigilantly protected from theft or surveillance by our foreign adversaries, including the Chinese Communist Party, who seek to harm the United States. As such, the fact that a CCP-sponsored APT actor was able to access Treasury’s information systems is unacceptable and raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents,” Scott and Hill wrote in a letter to Yellen.
The lawmakers also demanded a detailed briefing on the incident. Specifically, they are seeking details on cybersecurity incident, including when and how it occurred and which China-sponsored APT actor is responsible. They also want to know about the type and extent of information accessed by the CCP-aligned actor.
Further, they are interested in learning to what extent the Treasury was aware, prior to the cybersecurity incident, of cybersecurity vulnerabilities from third-party software service providers. Finally, they want to know what steps Treasury has taken, and plans to take, to ensure that a similar cybersecurity incident does not occur again.