Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The US Treasury told lawmakers in a letter Monday that it was the victim of a cyberattack in early December, which the department said was carried out by Chinese government hackers.
In a letter shared with law enforcement officials at the US House, which TechCrunch has seenThe Treasury Department said hackers had accessed the Treasury’s workstations and were able to access classified documents, which it said was a “major cyber security incident.”
The Treasury said it was notified on December 8 by BeyondTrust, a company that provides access to identity and technology support for large corporations and government departments, that hackers “gained access to the keys they sell” by providing remote technical support to Treasury employees. BeyondTrust revealed what happened at that timebut he did not say how the key was obtained.
A spokesperson for BeyondTrust did not respond to a request for comment by press time.
The letter said the department contacted the US cybersecurity agency CISA for assistance and, as of December 30, “has no evidence that the threat actor continues to gain access to Treasury information.”
The Treasury confirmed in the letter that it said the breach was caused by the support of the Chinese government excessive threat group, showing support from the Chinese government. It is not clear which party caused the disturbance, and the spokesman would not say.
In a brief statement, Treasury spokesman Michael Gwin said the hackers were able to “remotely access multiple Treasury user sites and countless other documents stored by those users.”
“Treasury is focused on all threats to our systems, and its assets. Over the past four years, the Treasury has strengthened cyber security, and we will continue to work with private and public organizations to protect our funds from those who threaten them,” said the spokesperson.
This is the latest type of cyberattack linked to China that has targeted the US government in recent months. Chinese hackers called Salt Tycoon were behind a cyberattack waves targeting US phone companies and internet giants, including AT&T and Verizon, in order to gain access to US government officials, including presidential candidates.
A spokesman for the Chinese embassy in Washington, DC, Liu Pengyu, denied that the United States government had said that the Chinese government was playing video games, saying that the United States had not provided evidence of what they were saying.
Updated with comments from the Chinese government.
Do you know more about the BeyondTrust cyberattack or what happened to the Treasury? Connect securely on Signal and WhatsApp at +1 646-755-8849 You can also send files and documents via SecureDrop.
