In a recent revelation, officials from the US Treasury Department disclosed that a significant cybersecurity breach occurred, with a state-sponsored hacker from China gaining access to employee workstations and unclassified documents. The breach took place in early December and was detailed in a letter sent to lawmakers.
US Treasury Confirms Major Cyber Breach Linked to China
US Treasury Confirms Major Cyber Breach Linked to China
Treasury officials report a significant hack attributed to a Chinese state-sponsored group, compromising employee systems and documents.
The attack was facilitated through security vulnerabilities in a third-party service known as BeyondTrust, which provides remote technical support to Treasury employees. The Treasury characterized the incident as "major," confirming they are working with the FBI and other agencies, including the Cybersecurity and Infrastructure Security Agency, to assess the implications of the breach.
BeyondTrust has since been disconnected to prevent further unauthorized access, and officials noted that there is currently no indication the hacker can still access Treasury data. According to the Department's letter, the intrusion was attributed to a "China-based Advanced Persistent Threat (APT) actor."
The compromised systems allowed the hacker to remotely interact with several Treasury user workstations, although specific details about the accessed files remain undisclosed. The Treasury emphasized its commitment to cybersecurity, stating that threats against their systems are taken seriously, and ongoing measures are in place to protect sensitive information.
China has a history of being accused of espionage by US authorities, a claim the Chinese government consistently denies. The situation continues to evolve as further details emerge regarding the incident.
BeyondTrust has since been disconnected to prevent further unauthorized access, and officials noted that there is currently no indication the hacker can still access Treasury data. According to the Department's letter, the intrusion was attributed to a "China-based Advanced Persistent Threat (APT) actor."
The compromised systems allowed the hacker to remotely interact with several Treasury user workstations, although specific details about the accessed files remain undisclosed. The Treasury emphasized its commitment to cybersecurity, stating that threats against their systems are taken seriously, and ongoing measures are in place to protect sensitive information.
China has a history of being accused of espionage by US authorities, a claim the Chinese government consistently denies. The situation continues to evolve as further details emerge regarding the incident.
