Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Chinese state-sponsored actors hacked the Treasury Department in early December, accessing unclassified documents from their workstations, the agency said in a letter to lawmakers on Monday.
Hackers stole a key from a third-party software service provider, BeyondTrust, and used it to bypass security and gain access to Treasury workstations, according to the Treasury letter obtained by The Hill.
The agency no longer uses the compromised service and there is no evidence that the hackers still have access to Treasury information, he noted.
“Treasury takes all threats against our systems and the data they contain very seriously,” the agency said in a statement.
“Over the past four years, the Treasury has significantly strengthened its cyber defenses and we will continue to work with public and private sector partners to protect our financial system from threat actors,” he continued.
The agency is working with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the intelligence community and third-party investigators to examine the incident, according to the letter of Monday
He said he would provide lawmakers with additional information within 30 days, a requirement under current law for major cybersecurity incidents.
A spokesman for Senate Banking Ranking Member Tim Scott (RS.C.) said in a statement that the senator has requested a briefing on the hack and is “monitoring the situation closely.”
Rebecca Beitsch contributed to this report.
Story updated at 5:43 PM EDT
