Written Question: US Terrorist Finance Tracking Programme cyberattack
Date submitted: 4 March 2021
Question for written answer E-001257/2021
to the Commission
Moritz Körner (Renew)
Subject: US Terrorist Finance Tracking Programme cyberattack
In 2020, a major cyberattack penetrated multiple parts of the United States Federal Government, leading to a series of data breaches, including at the US Treasury Department. The attackers exploited software or credentials from at least three US firms: Microsoft, SolarWinds, and VMware. The cyberattack and data breach were reported to be among the worst cyber espionage incidents ever suffered by the USA, due to the sensitive nature and high profile of the targets and the long duration for which the hackers had access.
Separate replies to each of the following questions are requested:
- What implications have these breaches had on data transmitted to the US Treasury Department pursuant to the Terrorist Finance Tracking Programme (TFTP) Agreement?
- Has the Commission, or the overseer appointed by it, had an opportunity to investigate in person on-site which data was accessed by the attackers?
- In the light of these attacks, what conclusions has it drawn concerning the future of the TFTP agreement?