Chinese Hackers Access US Treasury Department Workstations, Documents
Chinese hackers remotely accessed several U.S. Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday. The hack was attributed to Chinese state-sponsored culprits and was being investigated as a “major cybersecurity incident.”
The Treasury Department did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained, but it said there was no evidence indicating the threat actor has continued access to Treasury information. The hack was discovered on December 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key used to secure a cloud-based service.
The compromised service has since been taken offline, and the Treasury Department is working with the FBI and other agencies to investigate the impact of the hack. A department spokesperson said the agency takes all threats against its systems and data seriously and will continue to work with private and public sector partners to protect the financial system from threat actors.
China’s Foreign Ministry spokesperson, Mao Ning, denied any involvement in the hack, saying that China consistently opposes all forms of hacking and is opposed to the dissemination of false information against China for political purposes. The incident comes as U.S. officials are continuing to grapple with the fallout of a massive Chinese cyberespionage campaign known as Salt Typhoon.