Chinese hackers infiltrated several workstations and accessed unclassified documents within the US Treasury Department after compromising a third-party software service provider, the department reported on Monday.
The Treasury Department did not disclose the number of workstations accessed or the specific nature of the documents potentially obtained by the hackers.
However, in a letter to lawmakers revealing the breach, the department assured that “there is no evidence indicating the threat actor has continued access to Treasury information.” The breach is being treated as a “major cybersecurity incident.”
A department spokesperson stated separately, “Treasury takes very seriously all threats against our systems, and the data it holds.
“Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
In Beijing, a Foreign Ministry spokesperson reiterated China’s typical response to hacking allegations.
Mao Ning commented during a daily briefing, “We have repeatedly stated our position on such groundless accusations that lack evidence.
“China consistently opposes all forms of hacking, and we are even more opposed to the dissemination of false information against China for political purposes.”
This incident occurs as US officials continue to manage the repercussions of a large-scale Chinese cyberespionage campaign known as Salt Typhoon, which granted Beijing access to private texts and phone conversations of an unknown number of Americans. A senior White House official announced on Friday that the number of telecommunications companies confirmed to have been affected by the hack has now risen to nine.
The Treasury Department learned of the latest breach on December 8, when a third-party software service provider, BeyondTrust, reported that hackers had stolen a key “used by the vendor to secure a cloud-based service used to remotely provide technical support” to workers. This key enabled the hackers to bypass the service’s security and gain remote access to several employee workstations.
The compromised service has since been taken offline, and there is no evidence that the hackers still have access to department information, stated Aditi Hardikar, an assistant Treasury secretary, in a letter on Monday to Senate Banking Committee leaders.
The department is collaborating with the FBI, the Cybersecurity and Infrastructure Security Agency, and other entities to investigate the hack’s impact, attributing the breach to Chinese state-sponsored actors without further elaboration.
Follow us on:
