The US Treasury Department has confirmed a significant cybersecurity breach, blaming state-sponsored hackers from China.
The Attack
According to Assistant Secretary for Management Aditi Hardikar, the breach stemmed from a compromised third-party software provider, BeyondTrust. Chinese hackers gained access to a key that allowed them remote access to Treasury employees’ workstations. This allowed them to access unclassified documents.
The Treasury immediately contacted the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Intelligence Community, and outside experts to investigate. The investigation concluded that the attack was carried out by a Chinese state-sponsored Advanced Persistent Threat (APT) group. APTs are known for stealing sensitive information, conducting espionage, and potentially sabotaging critical infrastructure.
The Aftermath
The compromised BeyondTrust service has been shut down, and the Treasury says there’s no evidence that the hackers still have access to their systems.
China’s Response
China’s Ministry of Foreign Affairs spokesperson, Mao Ning, denied any involvement, calling the accusations baseless and lacking evidence. They stated that China opposes all forms of cyberattacks.
Next Steps
The Treasury Department will hold a classified briefing for House Financial Services Committee staff in the coming days to provide further details.
