US Treasury officials have written to members of Congress detailing how state-sponsored Chinese hackers breached the cybersecurity protections of US Treasury computers this month and stole documents, describing the incident as “major,” Reuters reported.
The letter to members of Congress said the hackers breached BeyondTrust’s cybersecurity service provider and gained access to unclassified documents. The hackers were able to access a key the provider uses to secure an online service used to provide remote technical support to Treasury users.
After successfully obtaining this information, the hackers were able to bypass the provider’s security portal, gain remote access to specific workstations of Treasury users, and access some unclassified documents held by those users.
Based on available indicators, the incident is attributed to a Chinese state-sponsored advanced persistent threat (APT) actor.
The US Treasury Department said it was notified of the breach by service provider BeyondTrust on December 8, 2024, and is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the breach.
Discover more from Daily NEWS Global 24/7
Subscribe to get the latest posts sent to your email.