U.S. National Security Council officials met Saturday at the White House to discuss reports that a “sophisticated hacking group,” believed to be working for Russia, has infiltrated the country’s Department of the Treasury and other government agencies and stolen information related to internet and telecommunications policymaking.
According to Reuters, three of the people familiar with the investigation said Russia is believed to be behind the attack.
Two of the people said the breaches are related to a disclosed hack on FireEye, a U.S. cybersecurity company with government contracts.
“The United States government is aware of these reports, and we are taking all necessary steps to identify and remedy any possible issues related to this situation,” National Security Council spokesman John Ullyot said.
The Reuters news agency, which first reported the breach, said U.S. intelligence officials are concerned that hackers used similar means to break into other government agencies besides Treasury.
Later Sunday, the Commerce Department confirmed one of its agencies was breached.
“We have asked the Cybersecurity and Infrastructure Security Agency and the FBI to investigate, and we cannot comment further at this time,” a statement from the department said.
The Cybersecurity and Infrastructure Security Agency, part of the Homeland Security Department, was led until recently by Christopher Krebs, who was fired by President Donald Trump. Krebs has not been replaced.
He was dismissed after he said the November national election was “the most secure in American history,” angering Trump who has claimed, without evidence, that voting and vote-count irregularities led to President-elect Joe Biden’s victory over him.
Several federal agencies are investigating, and the extent of the intrusion is not known.