The hackers gained access to several workstations with non-confidential documents, according to a spokesperson at the department.
The attackers used a third party, a cybersecurity service, to remotely control the department's computers and access documents. An actor with support from the Chinese state is behind, according to the Finance Department.
The current service from the cybersecurity firm Beyond Trust, which the hackers infiltrated, has been taken out of use. There is nothing to suggest that the hackers still have access to the department's systems, says the spokesperson.
"Based on available indicators, the incident has been attributed to a China state-sponsored APT actor (advanced persistent threat)", the department writes in a letter to the US Senate Banking Committee.
The department provides no details about the content of the hacked documents.
