Chinese State-Sponsored Hackers Breach U.S. Treasury Department
The United States government has confirmed a significant cybersecurity breach involving the U.S. Treasury Department, attributed to a Chinese state-sponsored hacker group.
According to the Biden administration, the hackers gained access to government employees’ workstations and unclassified documents stored within the department. The breach was first flagged on December 8 by BeyondTrust, a third-party software service provider, prompting an immediate investigation.
The hackers reportedly obtained a security key that allowed them remote access to certain Treasury Department workstations and the documents stored on them.
“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” a Treasury Department letter to lawmakers stated. The department classified the intrusion as a “major cybersecurity incident,” adhering to its internal policies for such attacks.
The Treasury Department is now working alongside the FBI, intelligence agencies, and other cybersecurity experts to assess the full scope and impact of the breach. Officials have confirmed that the compromised service has been deactivated and that there is no current evidence suggesting the hackers maintain access to Treasury systems.
This incident is the latest in a series of high-profile cyberattacks attributed to state-sponsored actors. It underscores the growing threat to critical government infrastructure and the escalating tensions in the realm of international cybersecurity.