The Biden administration revealed on Monday, December 30, that the U.S. Treasury Department had fallen victim to a significant cybersecurity breach, allegedly orchestrated by a Chinese state-sponsored hacking group.
This attack allowed the hackers to infiltrate government employees’ workstations and gain access to unclassified documents.
The breach marks the latest in a series of sophisticated cyberattacks targeting major U.S. institutions, raising new concerns over national security.
The Treasury Department disclosed in a letter to lawmakers that the breach was discovered on December 8, when BeyondTrust, a third-party software provider, identified suspicious activity.
The hackers had obtained a security key, which granted them remote access to specific Treasury workstations.
The department labeled the intrusion a “major cybersecurity incident” and attributed it to a Chinese Advanced Persistent Threat (APT) actor.
While the hackers’ exact objectives remain unclear, senior U.S. officials suggest that the operation was primarily focused on espionage, rather than disrupting critical infrastructure.
The Treasury oversees sensitive data concerning global financial systems, U.S. sanctions, and key insights into China’s economic challenges—all of which are of significant interest to the Chinese government.
This breach follows a pattern of recent cyberattacks linked to Chinese intelligence.
READ ALSO: Texas Cheerleader Arrested for Poisoning Fellow Student’s Goat
Previously, the hacking group, identified as Salt Typhoon, accessed the email accounts of U.S. officials, including Commerce Secretary Gina Raimondo, as well as targeted U.S. telecommunications firms.
These attacks have raised fears over Beijing’s ability to monitor top U.S. officials and counterintelligence efforts.
In response, the Treasury Department has collaborated with the FBI, intelligence agencies, and other partners to investigate the incident.
The compromised service has been taken offline, and officials believe the hackers no longer have access to Treasury systems.
Despite this, the breach highlights ongoing cybersecurity vulnerabilities and the complex nature of U.S.-China relations in the digital era.
A Treasury spokesperson emphasized the department’s commitment to securing its systems and improving cybersecurity measures in coordination with both public and private sectors.