‘Major incident’: China-backed hackers breached US Treasury workstations
CNN
The US Treasury Department notified lawmakers on Monday that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a “major incident.”
The US Treasury Department notified lawmakers on Monday that a China state-sponsored actor infiltrated Treasury workstations in what officials are describing as a “major incident.” In a letter reviewed by CNN, a Treasury official said it was informed by a third-party software service provider on December 8 that a threat actor used a stolen key to remotely access certain Treasury workstations and unclassified documents. “Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” Aditi Hardikar, assistant secretary for management at the US Treasury, wrote in the letter. A Treasury spokesperson said in a statement to CNN that the compromised service has been taken offline and officials are working with law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA). “There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the Treasury spokesperson said. This is a developing story and will be updated.