The US Treasury Department has confirmed a cybersecurity breach perpetrated by Chinese hackers, marking a significant incident of security compromise within the agency. According to reports, hackers with ties to China managed to infiltrate certain US Treasury computers, gaining unauthorized access to specific unclassified documents stored on Treasury workstations.
The breach was brought to light when BeyondTrust, a third-party software provider, alerted the Treasury Department on December 8 regarding a hacker obtaining access to a crucial key utilized by BeyondTrust to enter a cloud-based service offering remote technical support. Aditi Hardikar, the Treasury’s assistant secretary for management, disclosed in a letter to Congress that the hackers were able to retrieve “certain unclassified documents” through the compromised Treasury workstations.
Describing the breach as a “major cybersecurity incident,” Hardikar clarified that the hackers no longer have ongoing access to the agency’s information. The breach underscores the increasing threat posed by cyberattacks and highlights the vulnerabilities that government agencies face in safeguarding sensitive data.
In response to the allegations, the Chinese embassy in Washington DC vehemently denied the accusations, emphasizing that the US was engaging in baseless “smear attacks” against China without factual grounds. The embassy issued a statement to Bloomberg asserting that the US should refrain from utilizing cybersecurity as a tool for defaming and maligning China, calling for an end to the dissemination of unsubstantiated claims regarding Chinese cyber threats.
Meanwhile, BeyondTrust confirmed that a “limited number of customers” were impacted by the security breach, with affected clients already notified and offered necessary support. The company, which is based in Georgia, maintains federal government contracts amounting to over $4 million, as per government data compiled by Bloomberg.
This breach at the US Treasury Department coincides with ongoing investigations into a prolonged hacking campaign originating from China, as indicated by US security officials. The probe was initiated following alerts from Microsoft, which identified the hacker group responsible for the cyber intrusions as “Salt Typhoon.”
White House Deputy National Security Advisor, Anne Neuberger, revealed in a recent briefing that while data belonging to millions of Americans may have been compromised, the focus of the hack appeared to be targeted towards senior US officials. Neuberger emphasized that the intercepted communications seemed to primarily target high-ranking political figures, indicating a deliberate and strategic motive behind the cyber espionage.
The revelation of the cybersecurity breach at the US Treasury Department underscores the persistent and evolving threat posed by state-sponsored hacking activities, necessitating heightened vigilance and robust cybersecurity measures to protect critical government infrastructure and sensitive information from malicious actors.
