In a significant security breach, the US Treasury Department revealed that Chinese state-sponsored hackers infiltrated its systems earlier this month, compromising employee workstations and some unclassified documents. This incident, categorized as a "major cybersecurity incident," was disclosed by the Treasury in a letter to lawmakers. The department is collaborating with the FBI and other agencies to assess the breach's impact and has since disconnected the compromised third-party service, BeyondTrust, which facilitated the hack.
US Treasury Department Hacked by Suspected Chinese Actors in Security Breach

US Treasury Department Hacked by Suspected Chinese Actors in Security Breach
Chinese hackers reportedly accessed US Treasury systems, raising alarms about cybersecurity vulnerabilities.
The attack reportedly unfolded when China-based actors exploited a security vulnerability linked to BeyondTrust, an application that provided remote technical support to Treasury employees. The incident was flagged on December 2, although it took BeyondTrust three days to confirm the breach. While the Treasury has not detailed the nature of the accessed files, it indicated that the intruders aimed to gather intelligence rather than financial gain. The Treasury has committed to delivering a supplemental report on the incident within 30 days.
In response to the allegations, China’s foreign ministry refuted claims of involvement, branding them as unsubstantiated accusations. This incident joins a series of high-profile breaches attributed to Chinese hackers, further straining US-China relations, as both countries navigate ongoing disputes over cybersecurity and espionage. The US continues to investigate these hacking campaigns, with attention to groups like Volt Typhoon, already linked to critical infrastructure intrusions.
China Maintains Innocence Amid Accusations of Cyber Espionage
The Chinese government continues to deny any participation in the hacking activities targeting US agencies and criticizes the US for spreading misinformation.
The US Treasury's announcement follows a concerning trend of cyberattacks believed to be orchestrated by Chinese actors. Despite the lack of direct evidence provided by US officials linking the attack to China, the accusations have sparked outcry from Beijing. The ongoing tension between the two countries carries implications not only for national security but also for diplomatic relations.
As the investigation unfolds, it may reveal deeper vulnerabilities within government infrastructures, prompting an urgent call for robust cybersecurity measures to protect sensitive information from foreign threats.
In response to the allegations, China’s foreign ministry refuted claims of involvement, branding them as unsubstantiated accusations. This incident joins a series of high-profile breaches attributed to Chinese hackers, further straining US-China relations, as both countries navigate ongoing disputes over cybersecurity and espionage. The US continues to investigate these hacking campaigns, with attention to groups like Volt Typhoon, already linked to critical infrastructure intrusions.
China Maintains Innocence Amid Accusations of Cyber Espionage
The Chinese government continues to deny any participation in the hacking activities targeting US agencies and criticizes the US for spreading misinformation.
The US Treasury's announcement follows a concerning trend of cyberattacks believed to be orchestrated by Chinese actors. Despite the lack of direct evidence provided by US officials linking the attack to China, the accusations have sparked outcry from Beijing. The ongoing tension between the two countries carries implications not only for national security but also for diplomatic relations.
As the investigation unfolds, it may reveal deeper vulnerabilities within government infrastructures, prompting an urgent call for robust cybersecurity measures to protect sensitive information from foreign threats.