In a major breach of security, Chinese state-sponsored hackers gained access to the U.S. Treasury Department’s systems this month, reaching unclassified documents and employee workstations, officials confirmed Monday.
The hackers exploited a vulnerability in third-party software provider BeyondTrust, using a stolen key to bypass security measures on a cloud-based service supporting remote technical assistance, according to a letter to lawmakers.
The breach, deemed a “major cybersecurity incident,” was discovered Dec. 8 when BeyondTrust flagged suspicious activity. Treasury officials said the hackers accessed Departmental Offices (DO) user workstations and documents but noted “no evidence” of continued access.
The attack was attributed to a Chinese-linked advanced persistent threat (APT) group, a claim Beijing denied as “baseless.” BeyondTrust said it had addressed the issue and cooperated with investigators.
The Treasury is working with the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and others to assess the breach’s impact. Analysts say it reflects a broader pattern of espionage targeting critical U.S. systems through third-party services.
Treasury Secretary Janet Yellen said the department is committed to strengthening cybersecurity. A supplemental report is expected within 30 days.
The New Jersey Digest is a new jersey magazine that has chronicled daily life in the Garden State for over 10 years.