Chinese state-sponsored hackers infiltrated US Treasury workstations, accessing unclassified documents, according to a letter from the Treasury Department to lawmakers. The incident, described as a major cybersecurity event, involved a stolen key used to override security measures on a cloud-based service.
The US Treasury Department notified lawmakers on Monday that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a major incident. In a letter reviewed by CNN, a Treasury official said it was informed by a third-party software service provider on December 8 that a threat actor used a stolen key to remotely access certain Treasury workstations and unclassified documents.
“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” Aditi Hardikar, assistant secretary for management at the US Treasury, wrote in the letter. A Treasury spokesperson said in a statement to CNN that the compromised service has been taken offline and officials are working with law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA). “There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the Treasury spokesperson said. According to the letter to Senate Banking Committee leadership, the third-party software service provider, BeyondTrust, said hackers gained access to a key used by the vendor to secure a cloud-based service that Treasury uses for technical support. “With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury user workstations, and access certain unclassified documents maintained by those users,” the Treasury letter said. BeyondTrust did not immediately respond to a request for comment. It’s not clear exactly how many workstations were infiltrated. However, the Treasury spokesperson said in the statement that “several” Treasury user workstations were accessed. Hardikar said in the letter that based on Treasury policy, intrusions attributed to advanced persistent threat actors are considered a “major cybersecurity incident.” Treasury officials are required to provide an update in a 30-day supplemental repor
CYBERSECURITY CHINA US TREASURY DATA BREACH APT
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Chinese Hackers Breach U.S. Treasury DepartmentChinese hackers gained access to unclassified U.S. Treasury Department workstations through a third-party software provider. The breach was discovered in December 2022 and the compromised service has since been taken offline. There is no evidence of ongoing access to Treasury information.
Read more »
New Jersey cop charity accused of helping Chinese Communist party infiltrate US law enforcementToday's Video Headlines: 12/9/24
Read more »
U.S. officials ‘still working to expel’ Chinese hackers from massive telecom breachThis is additional taxonomy that helps us with analytics
Read more »
Salt Typhoon Chinese hackers still inside U.S. telecom networksAbdullah is an ardent believer in the future of VR, and can't wait to see what more it brings to the table as technology improves. He enjoys covering new software releases in the XR industry, as well as major news about hardware and companies focused on VR.
Read more »
Chinese hackers stole Americans’ phone data from 8 telecoms, U.S. officials sayKevin Collier is a reporter covering cybersecurity, privacy and technology policy for NBC News.
Read more »
Salt Typhoon: U.S. Official Reveals Chinese Hackers’ Large-Scale Metadata TheftA senior U.S. official announced that a Chinese hacking group known as 'Salt Typhoon' has stolen metadata from a significant number of Americans. The official confirmed that the ongoing cyberespionage campaign has targeted at least eight telecom companies in the U.S., including T-Mobile and Lumen. The extent of the data breach and its potential impact on U.S. citizens' privacy remains under investigation.
Read more »