Unclassified documents were stolen after a hack earlier this month, according to a letter Treasury sent to Congress.
Chinese state-sponsored hackers managed to steal unclassified documents from U.S. Treasury workstations earlier this month, the U.S. Treasury Department said.
The department said Monday that hackers successfully compromised a third-party cybersecurity service provider and accessed documents in what it described as a “major incident.”
“[The hackers] gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical assistance to end users at Departmental Offices of the Treasury (DO), says a letter sent by the U.S. Department of the Treasury in Congress. “By accessing the stolen key, the malicious actor was able to override the security of the service, remotely access certain workstations of Treasury DO users, and gain access to certain unclassified documents maintained by those users.”
A Treasury statement said the department “takes all threats to our systems and the data they hold very seriously.”
The Treasury Department was alerted to the hack by cybersecurity vendor BeyondTrust on December 8. The department says it is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.
“The compromised BeyondTrust service has been taken offline and there is no evidence to indicate that the threat actor continued to access Treasury systems or information,” a Treasury spokesperson told AFP. Department of the Treasury.
The letter to leaders of the U.S. Senate Banking Committee directly blamed China, saying the incident had been “attributed to a Chinese state-sponsored advanced persistent threat (APT) actor.”
An APT is a cyberattack in which the hacker can maintain undetected and unauthorized access to a target for a period of time.
The Treasury Department said more information would be released later in a supplemental report.
The hacking announcement comes less than a month before the inauguration of US President-elect Donald Trump.
Trump threatened China with trade war and tariffs, saying Beijing hadn’t done enough to stop the flow of fentanyl, an opioid, into the United States.
Both Republicans and Trump’s Democrats have warned of Chinese threats against the United States, particularly in the area of cybersecurity.
In September, the US Department of Justice said it had stopped a cyberattack network run by Chinese-backed hackers that had affected 200,000 devices worldwide.
And earlier in December, the United States sanctioned a Chinese cybersecurity company and a researcher into a 2020 attack that attempted to exploit a software vulnerability in the company’s firewalls.
China has denied any involvement in these attacks and says it opposes any form of cyber attack.
