Chinese Hackers Remotely Access US Treasury Department Workstations, Unidentified Documents
The US Treasury Department revealed on Monday that Chinese hackers had remotely accessed several of its workstations and unclassified documents after compromising a third-party software service provider. The hack, which is being investigated as a “major cybersecurity incident,” was discovered on December 8 when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key used to secure a cloud-based service used to remotely provide technical support to workers.
According to a letter to lawmakers, it is not clear how many workstations were accessed or what type of documents were obtained, but the Treasury Department stated that there is currently no evidence indicating the hackers still have access to Treasury information. The department is working with the FBI and the Cybersecurity and Infrastructure Security Agency to investigate the incident.
China has denied any involvement in the hack, with a foreign ministry spokesperson stating that the country has always opposed all forms of hacker attacks and is opposed to the spread of false information against China for political purposes. A Chinese Embassy spokesman also dismissed the allegations, calling them an effort to “smear” China’s reputation.
The revelation comes as US officials continue to grapple with the fallout from a massive Chinese cyberespionage campaign known as Salt Typhoon, which gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.