news 
US Treasury says China stole documents in ‘major’ cyberattack
The United States Department of the Treasury has confirmed it was hit by a significant cybersecurity breach earlier in December, which is believed to have been orchestrated by Chinese government-backed hackers. In a letter shared with senior U.S. House lawmakers, the department attributed the attack to a state-sponsored advanced persistent threat group backed by the Chinese government.
According to reports, the cyberattack occurred on December 8 when BeyondTrust, an identity access and remote support company, notified Treasury that hackers had gained access to a key used for providing remote access technical support to Treasury employees. The compromised key allowed hackers to remotely access several Treasury user workstations and certain unclassified documents maintained by those users.
The Treasury’s letter, seen by TechCrunch, stated that it engaged the Cybersecurity and Infrastructure Security Agency (CISA) for assistance in responding to the breach and, as of December 30, has no evidence indicating the threat actor continues to have access to Treasury information.
Source: techcrunch.com
