By South China Morning Post | Created at 2024-12-30 22:06:23 | Updated at 2025-01-02 20:50:29
2 days ago
The US Treasury Department was hacked by a Chinese state-sponsored actor through a third-party software service provider, the agency said in a letter to Congress on Monday.
“On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” according to the letter seen by Bloomberg News.
“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
The hacker was able to remotely access certain Treasury workstations and “certain unclassified documents maintained by those users”, the department said in the letter to Senators Sherrod Brown and Tim Scott.
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” a Treasury spokesperson said.
BeyondTrust did not immediately respond to a request for comment.
