Hackers linked to China have accessed more than 400 computers of the US Treasury Department
The US Treasury announced in a letter back in December that it had been hacked, saying it was an “Advanced Persistent Threat actor sponsored by the Chinese government.” Now we know more about the extent of the hacking.
The group hacked into more than 400 laptops and desktops, many of which were focused on “sanctions, international affairs and intelligence.” They also had access to employee usernames and passwords, in addition to more than 3,000 files on unclassified personal computers. These documents include travel data, organizational charts, sanctions materials and foreign investment metrics.
The agency’s report indicates that the perpetrators may have stolen all of this data, but they were unable to break into classified Treasury or email systems. Hackers accessed material related to an investigation by the Foreign Investment Committee. This committee reviews the security implications surrounding US real estate purchases and investments.
The agency’s report also notes that there is no evidence to suggest that the hackers tried to sneak into the Treasury Department’s systems to gather long-term intelligence, and that they did not leave behind any malware.
Investigators say the raid was carried out by a notorious Chinese government-sponsored group known as Silk Typhoon, Hafnium or UNC5221. It has been suggested that they carried out the hack outside normal working hours to avoid detection. Last month, a spokesman for China’s Foreign Ministry pushed back on allegations that the attack was state-sponsored.
Counterintelligence officials are still in the middle of a “full assessment of the damage” but Treasury staff will brief the Senate Banking, Housing and Urban Affairs Committee on the matter this week.