Exclusive: Suspected Chinese hackers used
SolarWinds bug to spy on U.S. payroll agency – sources https://t.co/oTq8lFM2AS pic.twitter.com/2QSB28cNM2
- Reuters (@Reuters)
SolarWinds said that it knew that a customer was attacked by the second group of hackers, but "no definitive information was found" to show who was responsible for the attack.The company added that the attackers could not access SolarWinds' internal systems, and the company issued an update in December to fix the exploited software bug.
A U.S. Department of Agriculture spokesperson admitted to the data breach, but declined to comment further.The FBI declined to comment.
The four people who investigated the two attacks and the external experts who reviewed the code used by the two groups of hackers said that although the two espionage activities overlap and are directed against the US government, they are separate (actions) and are completely different of.
In December 2020, the media widely reported that hackers used SolarWinds to invade all levels of government and large enterprises in the United States, causing serious threats.US government agencies, including the Department of Defense, the State Department, the Department of Homeland Security, the Department of Energy, the Department of Treasury, and the Department of Commerce have all discovered hackers using SolarWinds to invade.
Reuters was unable to determine what information the hackers stolen from the National Financial Center or the depth of their penetration into the NFC system.But a former US government official told Reuters that its potential impact could be "enormous."
Former U.S. officials said that NFC is responsible for processing payrolls from multiple government agencies, including those involved in national security, such as the FBI, the State Department, the Department of Homeland Security, and the Department of Treasury.
The records held by the NFC include the social security numbers, phone numbers and personal email addresses of federal employees, as well as bank information. NFC stated on its website that it "provides services to more than 60 different agencies and provides payroll services to more than XNUMX federal employees."
Reuters reported that a USDA spokesperson said in an email: "The USDA has notified all customers (including individuals and institutions) whose data has been affected."
[Welcome to the news to discuss cooperation! 】WeChat subscription account: news-china-com-au