U.S. Treasury Department Breached by China-Sponsored Actor Via Third-Party Service

Dec 31, 2024, 01:16 AM

The U.S. Treasury Department was breached by a China-sponsored actor earlier this month, according to a letter sent to Congress. The breach, described as a 'major incident,' was facilitated through a third-party cybersecurity service, BeyondTrust, which was used to remotely access Treasury workstations and obtain certain unclassified documents. The compromised service has since been taken offline, and there is no evidence that the threat actor continues to have access to Treasury systems or information. The Treasury Department is working with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) to assess the full impact of the incident and plans to provide more details within 30 days. Meanwhile, China has denied the allegations, labeling them as 'groundless' and accusing the U.S. of spreading disinformation for political purposes.