Documents and workstations of the US Treasury Department were accessed during a cyberattack, The New York Times reports. The attack was linked to a “Chinese state-sponsored advanced persistent threat actor” and was called a “major cybersecurity incident.”
According to a letter the Treasury Department shared with lawmakers (via TechCrunch), U.S. officials were made aware of the problem on December 8, when BeyondTrust, a third-party software company, said a security key used to provide technical support was being used to access workstations and unclassified documents .
The Treasury Department said it worked with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to understand the full scope of the breach, but did not say how long files and workstations were accessible or what was actually consulted. Engadget has contacted the US Treasury Department and will update this article as soon as we know more.
The cyberattack follows an equally worrying, but distinct, phenomenon. violation of American telecommunications operators which was revealed in October 2024. This cyberattack was carried out by a Chinese hacking group called “Salt Typhoon”. The attackers gained access to unencrypted SMS messages and call logs of politicians, government officials and others. month before the breach was discovered.
