Chinese hackers accessed the US Treasury Department’s systems in what officials call a “major incident.” The attack, attributed to a state-sponsored group, occurred earlier this month and targeted employee workstations and unclassified documents. The breach was disclosed in a letter to lawmakers, highlighting its severity.
Investigation and Response Efforts
The Treasury Department, in collaboration with the FBI and cybersecurity experts, is assessing the hack’s impact. Hackers exploited a security flaw in BeyondTrust, a third-party service used for remote technical support. BeyondTrust has since been taken offline. Officials confirmed no further unauthorized access after initial detection.
China dismissed the accusations, labeling them as “baseless.” A Chinese foreign ministry spokeswoman reiterated the country’s opposition to hacking and condemned what she called politically motivated falsehoods.
Details of the Incident
The breach, detected on December 2 and confirmed three days later, allowed hackers to access Treasury workstations and unclassified files. Investigators suspect the hackers aimed to gather intelligence rather than steal funds. Officials have not disclosed the nature of the accessed files or the affected employees’ seniority. A supplemental report will be sent to lawmakers within 30 days.
This attack adds to a series of alleged Chinese espionage activities targeting the US, including a December breach of telecom companies.