In early December, the US Treasury Department identified that a China-based hacker had infiltrated its systems by exploiting a vulnerability in the software of a third-party service provider meant for technical support. This incident, characterized as a "major cybersecurity incident," was disclosed in a letter addressed to lawmakers. The compromised service, BeyondTrust, has since been deactivated as an immediate precaution.
The breach was uncovered on December 8 when BeyondTrust alerted the Treasury. Law enforcement agencies, including the FBI and the Cybersecurity and Infrastructure Security Agency, have been mobilized to investigate the incident's extent and implications. Although the exact durations of unauthorized access remain unclear, officials confirmed that several user workstations and unclassified documents were involved.
Treasury officials have classified the activity as being from an Advanced Persistent Threat (APT) actor based in China and are committed to bolstering their security measures in response. US officials have a history of accusing China of cyber espionage, a claim that Chinese authorities consistently refute.
As the investigation unfolds, updates will be provided, and users are encouraged to stay tuned for more comprehensive coverage on this developing incident.
The breach was uncovered on December 8 when BeyondTrust alerted the Treasury. Law enforcement agencies, including the FBI and the Cybersecurity and Infrastructure Security Agency, have been mobilized to investigate the incident's extent and implications. Although the exact durations of unauthorized access remain unclear, officials confirmed that several user workstations and unclassified documents were involved.
Treasury officials have classified the activity as being from an Advanced Persistent Threat (APT) actor based in China and are committed to bolstering their security measures in response. US officials have a history of accusing China of cyber espionage, a claim that Chinese authorities consistently refute.
As the investigation unfolds, updates will be provided, and users are encouraged to stay tuned for more comprehensive coverage on this developing incident.
