The U.S. Department of Agriculture has found “no evidence” of a data breach at a payroll processing center but is investigating, a spokesperson said in response to news reports to the contrary.
Reuters first reported on Tuesday that the department’s National Finance Center, which runs a payroll system serving over 600,000 federal employees across 160 agencies, was penetrated by suspected Chinese hackers exploiting a flaw in SolarWinds’ software.
The intrusion is separate from earlier reports in December associated with a trojanized update SolarWinds distributed to about 18,000 of its customers, according to Reuters. In response to that hacking campaign, which a number of agencies acknowledged they were affected by, the Cybersecurity and Infrastructure Security Agency directed all agencies to remove certain SolarWinds products from their systems. Government officials have since publicly said Russia is likely behind that event, along with the abuse of authentication configurations in Microsoft’s Office 365 cloud service.
"In compliance with CISA’s emergency directive and to protect USDA systems, USDA notified customers in December that it had removed SolarWinds Orion products from its networks due to the SolarWinds compromise,” the USDA spokesperson told Nextgov. “While we continue to look into it, we have no evidence of a data breach of the USDA National Finance Center."
SolarWinds told Reuters the company issued a patch in December for the flaw reportedly exploited by the Chinese actors. The company said it is aware of one instance where the bug enabled hackers to spread across an entity’s network, but that it is unclear how they gained initial access.
A USDA spokesperson initially acknowledged a breach of their systems in the Reuters article, which has since been updated to reflect U ..
Support the originator by clicking the read the rest link below.
