In a significant cybersecurity breach, the U.S. Treasury Department reported that Chinese state-sponsored hackers accessed several workstations and unclassified documents earlier this month. This incident was executed via a compromised third-party software service provider, BeyondTrust, which was alerted to the breach on December 8. The department indicated in its letter to lawmakers that the hackers had stolen a key that enabled them to override security measures.

The Treasury characterized this breach as a "major incident" and stated that there is currently no evidence to suggest that the hackers still have ongoing access to the department's sensitive information. An investigation has been initiated in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI, focusing on fully understanding the impact of the breach.

According to Aditi Hardikar, an assistant secretary at the Treasury, the intruders managed to gain unauthorized access due to the critical key exploited by the Chinese state-sponsored actor. The information accessed pertained to unknown unclassified documents and impacted several workstations used by Treasury employees. In the letter to Congress, the Treasury highlighted, “Treasury takes very seriously all threats against our systems and the data it holds.”

While the compromised service has been taken offline, the incident is seen in light of broader patterns of cyber intrusions associated with Chinese hacking initiatives, especially concerning telecommunications and government agencies in the U.S. This breach comes amid a backdrop of concerns regarding Chinese cyber espionage activities targeting crucial sectors in the country.

The Chinese government has denied involvement in these attacks, labeling accusations as "groundless" and claiming to oppose all forms of cyberterrorism.

For more details, visit the original sources: HuffPost, South China Morning Post, CNN.