The breach originated through a compromised service called BeyondTrust, which has since been taken offline. According to officials, the attack was executed by an Advanced Persistent Threat (APT) actor based in China, which aligns with previous accusations of cyber espionage from US officials against China, who have consistently refuted these claims. The Treasury has emphasized its commitment to safeguarding sensitive data and has taken immediate action to investigate the issue and prevent any future breaches. Further updates on this evolving situation are anticipated as investigations continue.
US Treasury Department Suffers Major Cyber Breach Linked to Chinese Hackers
US Treasury Department Suffers Major Cyber Breach Linked to Chinese Hackers
Chinese state-sponsored cyber attackers infiltrate US Treasury systems, raising alarm over national security.
In a significant cybersecurity incident, the US Treasury Department has reported being hacked by a Chinese state-sponsored group, exposing employee workstations and unclassified documents. The breach, discovered in early December and revealed in a letter to lawmakers, involved the exploitation of a third-party service provider’s key meant for remote technical assistance. The Treasury has labeled the attack as a "major incident" and is collaborating with the FBI and various cybersecurity agencies to assess the damage and secure its systems.
