Why the Russian hack is so significant, and why it's close to a worst-case scenario
It's not often that the Treasury Department and Iowa State University are dealing with the same security problem.
Such is the breadth of what's known as the SolarWinds hack, named for a Texas-based company that was used as a staging ground for an espionage campaign so widespread that experts say we're only beginning to understand who was affected and what was stolen. Treasury is trying to figure out how many senior officials' email accounts were monitored. Iowa State has decommissioned servers to check whether hackers got in.
Around the world, at least hundreds, but more likely thousands or tens of thousands of organizations — including companies, schools, think tanks and, notably, every major government agency — have been working frantically to see whether they've been affected by the suspected Russian hacking campaign and, if so, how much access the hackers had.