During a House Oversight Committee hearing Wednesday, members of Congress from both parties pressed the Secret Service for more information about foreign state-sponsored hackers stealing Covid relief funds, citing exclusive NBC News reports on fraud by hackers linked to the Chinese government.

In December, NBC News broke the story that a hacker group called APT41 linked to the Chinese government stole at least $20 million in US Covid relief benefits, including Small Business Administration loans and funds from unemployment insurance in more than a dozen states, according to the Secret Service.

On Wednesday, Rep. Raja Krishnamoorthi, D-Ill, pressed witness David Smith, deputy director of the Secret Service’s Office of Investigations, to reveal the full extent of the groups’ cyberattacks on state computer systems. “Since that article came out, I came to believe that they probably targeted many states beyond a dozen,” Krishnamoorthi said.

Smith declined to elaborate, also demurring when Krishnamoorthi asked if any Russian state-sponsored hacking group had stolen funds.

“Whether an entity is state-sponsored or not, that’s generally not the reason why we tend to focus on them, we follow the money,” Smith said.

North Dakota Republican Kelly Armstrong also referred to the NBC News report, asking Smith: «When do you think the Secret Service expects to have a ruling on whether the hackers acted on their own behalf or on the orders of the government?»

Smith responded: «Sir, sometimes, in the context of a criminal investigation, those answers are never reconciled.»

When asked about progress on the APT41 case, Smith said, “That case is a big, very broad case from our Denver field office. And you’ll be unpacking that for some time, sir.»

The theft of taxpayer funds by Chengdu-based APT41 hackers is the first case of pandemic fraud linked to state-sponsored foreign cybercriminals that the US government has publicly acknowledged, but which may be the tip of the iceberg, according to US law enforcement officials and cybersecurity experts.

In an interview on the eve of the hearing, the committee’s new chairman, Rep. James Comer, R-Ky., called the theft of pandemic funds intended for taxpayers by a foreign adversary «a national security issue.» ”.

“It’s one thing for American criminals to steal that money. But when we find out, it’s our criminals in China and Russia, and some other countries around the world that are adversaries for us, it makes it even worse, you add salt to the wound,” Comer said. “This could be the largest transfer of wealth from the government to cyber attackers in US history.”

Comer told NBC News that he created a cybersecurity subcommittee to explore options for bolstering government defenses in hopes of preventing similar incursions into state and federal computer systems.

The day after NBC published its initial story in December, the state of Maryland banned the use of TikTok and other Chinese and Russian products by state agencies, citing NBC News reports of Chinese government-linked hackers who stole millions. in Covid benefits from state governments. In the USA

In announcing the emergency directive, the state said that the entities “submit a unacceptable level of cyber security risk to the state, and may be involved in activities such as cyber espionage, surveillance of government entities, and inappropriate collection of sensitive personal information.”

Grace Jaworski contributed.