U.S. authorities have confirmed that a Chinese state-sponsored hacker successfully breached the U.S. Treasury Department, gaining access to government employees’ workstations and unclassified documents.
According to the Biden administration, the breach was flagged on December 8 by BeyondTrust, a third-party software provider.
The hacker reportedly obtained a security key that allowed remote access to specific workstations and documents within the department.
In a letter sent to lawmakers, the Treasury Department outlined the incident, highlighting the potential risks posed by the unauthorized access.
While the full scope of the breach remains under investigation, it underscores the persistent threat posed by state-sponsored cyberattacks targeting sensitive U.S. institutions.
“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” the letter reads. “In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident.”
The U.S. Treasury Department is working with the FBI, intelligence agencies, and other investigators to assess the impact of the breach, while the compromised service has since been deactivated, and there is no evidence suggesting that the Chinese actor still has access to treasury information.
This comes from a major cyberattack following previous revelations of China’s penetration into U.S. telecommunications where it gained access to the phone conversations and text messages of U.S. officials.
Chinese officials have consistently denied any government involvement in hacking and have engaged in talks with the U.S. to address cybersecurity concerns, according to The Times.
Post A Comment: