Mon Dec 30 22:04:14 UTC 2024: ## China-backed Hackers Steal Unclassified US Treasury Documents
**Washington D.C.** – The US Treasury Department revealed Monday that Chinese state-sponsored hackers stole unclassified documents from its systems earlier this month. The breach, described as a “major incident,” exploited a vulnerability in a third-party cybersecurity service provider, BeyondTrust.
According to a letter sent to Congress, the hackers gained access to a security key used by BeyondTrust to manage a cloud-based remote support service. This allowed them to access certain Treasury workstations and steal unclassified documents. The Treasury Department was alerted to the breach on December 8th and immediately took action to secure its systems. The compromised BeyondTrust service has been taken offline, and officials say there is no evidence of ongoing access.
The Treasury Department is working with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to fully assess the damage. A supplemental report with further details is expected later. The incident has been directly attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor.
This attack comes amidst heightened tensions between the US and China. President-elect Trump has previously threatened China with trade tariffs and accused the country of failing to address the flow of fentanyl into the US. Both Republicans and Democrats have expressed concern over increasing cyber threats from China. This incident follows previous accusations of Chinese cyberattacks, including a September announcement by the Department of Justice that it disrupted a network affecting 200,000 devices worldwide. China has consistently denied any involvement in such attacks.
First Piper 