Chinese Government Claims it Didn’t Hack US Treasury Department, but There’s a Problem

China-backed hackers reportedly breached several U.S. Treasury Department workstations, according to the agency, which notified lawmakers about the hack.

This development comes after Chinese hackers targeted a number of major corporations as part of a broader cyberespionage effort. CNN reviewed the memo the agency sent to lawmakers.

In a letter reviewed by CNN, a Treasury official said it was informed by a third-party software service provider on December 8 that a threat actor used a stolen key to remotely access certain Treasury workstations and unclassified documents.

“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” Aditi Hardikar, assistant secretary for management at the US Treasury, wrote in the letter.

A Treasury spokesperson said in a statement to CNN that the compromised service has been taken offline and officials are working with law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA).

“There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the Treasury spokesperson said.

According to the letter to Senate Banking Committee leadership, the third-party software service provider, BeyondTrust, said hackers gained access to a key used by the vendor to secure a cloud-based service that Treasury uses for technical support.

(Read more from “Chinese Government Claims it Didn’t Hack US Treasury Department, but There’s a Problem” HERE)

Photo credit: Flickr