Published: 5:56am, 31 Dec 2024Updated: 7:31am, 31 Dec 2024
The US Treasury Department was hacked by a Chinese state-sponsored actor through a third-party software service provider, the agency said in a letter to Congress on Monday.
Advertisement
Treasury described the intrusion as a “major cybersecurity incident”, since it was attributed to a state-sponsored actor, according to the letter, which was reviewed by Bloomberg News.
Treasury was notified on December 8 by a third-party software provider, BeyondTrust, that a hacker had gained access “to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users”, according to the letter.
The department is being helped by the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation (FBI), the intelligence community and third-party forensic investigators.
Based on available information, advanced hackers tied to China were behind the incident, according to the letter.
Advertisement
The Chinese embassy in Washington did not immediately respond to a request for comment, nor did a representative for BeyondTrust.
The hacker was able to remotely access certain Treasury workstations and “certain unclassified documents maintained by those users”, the department said in the letter to Senators Sherrod Brown and Tim Scott.