- U.S. Treasury confirms breach
- Compromise comes from third-party system BeyondTrust
- China denies any involvement
The U.S. Treasury Department has confirmed that documents were stolen and systems were compromised in a cyberattack it described as a “major incident.” The leak occurred through BeyondTrust, a third-party cybersecurity service provider that allows remote access to critical systems.
The agency confirmed in a disclosure letter to Congress that hackers were able to gain access to the systems used by vendors, thereby covering some Treasury systems. A third-party system that normally provides remote technical support to employees is now offline.
Officials said the agency’s preliminary assessment indicated the attack was carried out by “an advanced persistent threat actor based in China.” China called the accusation “baseless” and said it “always opposes all forms of hacking.”
brief violation
Suspicious activity was first discovered on December 2, and BeyondTrust notified the Treasury Department of the hack on December 8, although it took the company three days to determine that it had been compromised.
It’s unclear what types of documents were obtained or what they relate to, but more details are expected to be revealed in the Treasury Department’s 30-day supplemental report.
The attack comes on the heels of a huge telecommunications breach Targets 9 major telecommunications companies in the United States and harmed millions of people.
The telecommunications breach was attributed to the Chinese government-sponsored Salt Typhoon group, with President-elect Trump vowing retaliation and China denying wrongdoing related to the hack.
Liu Pengyu, spokesperson of the Chinese Embassy in Washington, said that the United States needs to stop using network security to smear and slander China and stop spreading all kinds of false information about the so-called threat from Chinese hackers.
through British Broadcasting Corporation