website hit counter
Tuesday, March 18, 2025
Tuesday, March 18, 2025

HomeInternational NewsUS Treasury says Chinese hackers stole documents in 'major incident'

US Treasury says Chinese hackers stole documents in ‘major incident’

US Treasury says Chinese hackers stole documents in ‘major incident’

spot_img

Chinese state-sponsored hackers breached U.S. Treasury Department computer security this month and stole documents in what Treasury officials called a “major incident,” according to a letter provided to Reuters on Monday.

The hackers compromised a third-party cybersecurity service provider, BeyondTrust, and were able to access unclassified documents, the letter said.

According to the article, the hackers “gained access to a key used by the vendor to secure a cloud-based service used by Treasury Department offices (DO) to provide remote technical support to end users. With access to the stolen key, the threat actor was able to bypass the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”

“Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor,” the letter said.

The Treasury Department said it was alerted to the breach by BeyondTrust on Dec. 8 and that it was working with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.

Treasury officials responded to emails seeking more details about the breach The FBI did not immediately respond to Reuters’ requests for comment, and CISA referred questions back to the Treasury Department.

“China has always opposed all forms of hacker attacks,” Mao Ning, a spokesman for China’s Foreign Ministry, said at a regular news briefing on Tuesday.

A spokesman for the Chinese Embassy in Washington denied any responsibility for the hacking, saying Beijing “firmly opposes the US’s smear attacks on China without any factual basis.”

A spokesman for BeyondTrust, based in Johns Creek, Georgia, told Reuters in an email that the company “previously identified and took steps to resolve a security incident related to its remote support product in early December 2024.” BeyondTrust has “notified a limited number of affected customers” and has notified law enforcement, the spokesperson said. “BeyondTrust is assisting with investigative efforts.”
A statement on the company’s website shared some details of the investigation, noting that a digital key was compromised in the incident and that an investigation is ongoing, the spokesperson said. The statement was last updated on December 18.

Tom Hagel, a threat researcher at cybersecurity firm SentinelOne (S.N.), opens in a new tab, said the reported security incident “fits a well-documented pattern of operations by PRC-linked groups and focuses specifically on the misuse of trusted third-party services — a pattern that has become increasingly prominant in recent years,” he said, using an acronym for the People’s Republic of China.

Latest articles

IGP Deshabandu Still Missing as President AKD Vows Crackdown on Crime

Sri Lankan police are still searching for their own chief, while President Anura Kumara...

SC Holds State Liable for Illegal PTA Detention Order Issued by Gota

The Supreme Court has ruled that a detention order issued by then-President Gotabaya Rajapaksa...

Peru declares state of emergency, deploys army as violence surges in capital

Amid widespread protests a day after the killing of a popular singer, Peru’s president...

Israel launches ‘extensive strikes’ on Gaza, at least 220 reported dead

The Israeli military says it is carrying out "extensive strikes" on the Gaza Strip,...

More like this

Peru declares state of emergency, deploys army as violence surges in capital

Amid widespread protests a day after the killing of a popular singer, Peru’s president...

Israel launches ‘extensive strikes’ on Gaza, at least 220 reported dead

The Israeli military says it is carrying out "extensive strikes" on the Gaza Strip,...

Mexican President Says Old Phone, Email were Hacked

Mexican President Claudia Sheinbaum’s old phone and email have been hacked, Reuters reported on...