
The US Treasury Department has suffered a major security breach after a China-based state-sponsored hacker gained access to several employee workstations and unclassified documents.
According to a letter to lawmakers seen by The Verge, the Treasury Department revealed that BeyondTrust, the company behind its remote management software, notified it of a breach on December 8th. The hacking incident occurred when the threat actor stole a key that BeyondTrust used to secure a cloud-based service for remotely providing technical support to users.
Using this compromised key, the hacker was able to override security and access employees’ workstations and some unclassified documents maintained by them. To address the issue, the Treasury Department worked closely with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI following the attack.
While the Treasury Department has confirmed that there is no evidence indicating the threat actor still has access to Treasury systems or information, it emphasized its commitment to protecting its financial system from threat actors. In a statement to The Verge, a spokesperson for the Treasury Department said, “Treasury takes very seriously all threats against our systems and the data it holds. Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
The hacking incident appears to be linked to a security breach BeyondTrust disclosed earlier this month, which affected customers using its remote support software.
Source: www.theverge.com