China hacked the US Treasury Department to access workstations and documents, the agency says
Chinese hackers have remotely accessed several US Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday.
The department did not provide details on how many workstations were accessed or what type of documents the hackers were able to obtain, but in a letter to lawmakers disclosing the breach, it said there is “no evidence at this time to indicate that the threat actor continued to access Treasury Department information.” .”
“The Treasury takes any threats to our systems and the data it holds very seriously,” the department said.
“Over the past four years, the Treasury Department has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors.”
The letter described the hack as a “major incident”.
The department said it became aware of the problem on Dec. 8 when a third-party software services provider, BeyondTrust, flagged that hackers had stolen a key used by a vendor that helped it override the system and gain remote access to several employees’ workstations.
The compromised service has since been shut down and there is no evidence that the hackers still have access to the department’s information, Aditi Hardikar, assistant secretary of finance, said in a letter Monday to leaders of the Senate Banking Committee.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency and attributed the hack to Chinese culprits.
He did not elaborate.
The revelation comes as US officials continue to grapple with the fallout from China’s massive cyber espionage scandal known as Salt Typhoon, which gave officials in Beijing access to the private messages and phone conversations of an unknown number of Americans.
A senior White House official said Friday that the number of telecommunications companies affected by the hack has now risen to nine.
