Chinese Hacker Breaches US Treasury Department in Major Cyber Security Incident

A Chinese state-sponsored hacker infiltrated the US Treasury Department’s systems earlier this month, gaining access to employee workstations and some unclassified documents, US officials confirmed on Monday. The breach has been classified as a “major incident” by the Treasury Department, which notified lawmakers of the attack.

The hack was carried out using a key that bypassed security systems through a third-party service provider, Beyond Trust, which offers remote technical support to Treasury employees. The third-party service has since been taken offline, and initial investigations show no evidence that the hacker continued to access sensitive information after the breach was discovered. The Treasury Department is collaborating with the FBI, the cyber security and Infrastructure Security Agency (CISA), and third-party forensic investigators to assess the full scope of the incident.

According to Treasury officials, the breach is attributed to a “China-based Advanced Persistent Threat (APT) actor.” The hack occurred between December 2 and 8, when suspicious activity was first noticed by Beyond Trust. Although the specific documents accessed have not been disclosed, the breach is believed to be focused on espionage rather than financial theft.

The Chinese embassy in Washington has denied the accusation, calling it a “smear attack” and insisting that it lacks a factual basis. The embassy urged a more responsible approach to cyber incidents, suggesting that attributing attacks to specific actors can be difficult without sufficient evidence.

This breach is the latest in a series of high-profile cyber-attacks believed to be linked to Chinese espionage efforts, following another hack in December that targeted telecommunications companies, potentially exposing large volumes of personal data. The Treasury Department has vowed to strengthen its cyber security measures and will provide further updates on the incident in the coming weeks.