American flags are displayed with Chinese flags on top of a trishaw on Sept. 16, 2018, in Beijing. (AP File)
- Chinese hackers accessed U.S. Treasury workstations via a third-party software breach; no continued access to data found.
- Treasury Department calls breach a "major cybersecurity incident," attributing it to Chinese state-sponsored hackers; investigation is ongoing.
- The breach stems from a compromised vendor key; Treasury, FBI, and CISA are assessing the hack’s scope and impact.
Share
Getting your Trinity Audio player ready...
|
WASHINGTON — Chinese hackers remotely accessed several U.S. Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday.
The department did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained, but it said in a letter to lawmakers revealing the breach that “at this time there is no evidence indicating the threat actor has continued access to Treasury information.” It said the hack was being investigated as a “major cybersecurity incident.”
“Treasury takes very seriously all threats against our systems, and the data it holds,” a department spokesperson said in a separate statement. “Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
The revelation comes as U.S. officials are continuing to grapple with the fallout of a massive Chinese cyberespionage campaign known as Salt Typhoon that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans. A top White House official said Friday that the number of telecommunications companies affected by the hack has now risen to nine.
The Treasury Department said it learned of the problem at the agency on Dec. 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key used by the vendor that helped them override the service’s security and gain remote access to several employee workstations.
The compromised service has since been taken offline, and there’s no evidence that the hackers still have access to department information, Aditi Hardikar, an assistant Treasury secretary, said in the letter Monday to leaders of the Senate Banking Committee.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency to investigate the scope of the hack, and that the hack had been attributed to Chinese state-sponsored culprits. It did not elaborate.
RELATED TOPICS:
Trump Temporarily Halts Leasing and Permitting for Wind Energy Projects
10 hours ago
Fresno Man Who Dealt Deadly Fentanyl Pill Gets 80-Month Prison Term
10 hours ago
What’s Next for EVs as Trump Moves to Revoke Biden-Era Incentives?
10 hours ago
Visalia Police Find Man Shot Near Shopping Center. Tips Sought.
11 hours ago
Convicted Jan. 6 Rioter Benjamin Martin Still Going to Prison
11 hours ago
Is Lawsuit on Planned Reedley Job Center a ‘Shakedown’?
11 hours ago
CA Sued the Tar Out of Trump the First Time Around. How Did It Do?
13 hours ago
Trump Administration Directs All Federal Diversity, Equity and Inclusion Staff Be Put on Leave