U.S. Treasury says Chinese government-backed hackers broke into U.S. Treasury computers
Unlock the White House Watch newsletter for free
A guide to what the 2024 US election means for Washington and the world
A Chinese government-sponsored hacker conducted a “significant cybersecurity incident” against the U.S. Treasury Department through a third-party service provider, the Treasury Department said on Monday.
A letter to the Senate Banking Committee seen by the Financial Times said the Treasury learned on December 8 from software company BeyondTrust that a hacker had breached a number of remote government workstations by obtaining security keys. , and in turn obtained unclassified documents about them.
“Based on available indications, this incident was committed by a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” the letter said. “Per Treasury policy, intrusions caused by APT are considered a major cybersecurity incident.”
The department said it has been working with the FBI and other investigators from the broader intelligence community to determine the impact of the hack. It added that “there is currently no evidence that threat actors continue to access Treasury information”.
A Treasury spokesman said in a separate statement on Monday that the agency “takes all threats to our systems and the data they hold very seriously.”
“We will continue to work with private and public sector partners to protect our financial system from threat actors,” the person added.
“We hope that relevant parties will characterize cyber incidents in a professional and responsible manner and draw conclusions based on sufficient evidence instead of baseless speculation and accusations,” Liu Pengyu, spokesman for the Chinese Embassy in Washington, said on Monday.
“The United States needs to stop using cyber security to smear and slander China, and stop spreading all kinds of false information about the so-called threat from Chinese hackers.”
The leak is the latest cybersecurity breach involving a U.S. target, allegedly conducted on behalf of China.
In October, the Biden administration said it was investigating what the FBI and the Cybersecurity and Infrastructure Security Agency described as “unauthorized access to commercial telecommunications infrastructure by affiliates of the People’s Republic of China.” Hackers reportedly targeted the phones of President-elect Donald Trump and his running mate JD Vance ahead of the US election.
The U.S. Commerce Department took steps in September to limit China’s access to U.S. data, proposing a ban on Chinese software and hardware in vehicles with built-in internet connections, underscoring the level of concern.
