- In early December, the US Treasury Department suffered a cybersecurity breach attributed to a China-based Advanced Persistent Threat (APT) actor.
- Hackers exploited a vulnerability in BeyondTrust, a third-party service provider, to access Treasury workstations and unclassified documents.
- The FBI, the Cybersecurity and Infrastructure Security Agency, and third-party forensic experts are investigating the breach.
- Chinese officials have denied the allegations, calling them baseless and part of a smear campaign.
## The Breach
In early December, the US Treasury Department reported a “major incident” involving a cybersecurity breach linked to a China-based hacking group. The hackers exploited a security key from BeyondTrust, a third-party service provider offering remote technical support.
The breach allowed remote access to several Treasury user workstations and to unclassified documents, although the exact nature of the accessed files remains unclear. Officials confirmed that there has been no continued access since the compromised BeyondTrust service was taken offline.
## Timeline and Investigation
The suspicious activity was first detected on December 2 but was only confirmed as a hack three days later. Treasury officials were notified on December 8. Investigators, including the FBI and other agencies, are assessing the breach’s overall impact.
Treasury officials believe the breach was an act of espionage, with hackers seeking sensitive information rather than attempting to steal funds.
## Chinese Embassy Response
Chinese embassy spokesperson Liu Pengyu denied the allegations, stating that attributing cyberattacks is complex and that accusations against China are unfounded.
“The US needs to stop using cybersecurity to smear and slander China,” Liu said, urging that conclusions be based on evidence rather than speculation.
## Broader Context
This incident follows other high-profile breaches attributed to Chinese hackers, including a December hack targeting US telecoms companies. The Treasury Department is preparing a supplemental report on the incident for lawmakers within 30 days.
The breach highlights the ongoing risk posed by third-party systems and remote-support providers, and the persistent threat of state-sponsored cyberattacks. As investigations continue, the incident underscores the importance of robust cybersecurity measures and international accountability.