A number of U.S. government agencies reportedly have been hacked: The Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service, and the National Institutes of Health. The attack began in March 2020, and is still ongoing, meaning that the malware that was placed on computers may still be capturing confidential information.
According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), tech company SolarWinds was compromised, and it posed “unacceptable risks to the security of federal networks.” SolarWinds Orion products are used by several U.S. agencies for network management.
In turn, SolarWinds said in a statement that the breach of their system “was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack.”
Read more about it here.