The hackers reportedly exploited a digital key managed by BeyondTrust, which allowed them to bypass certain safeguards
The United States Treasury Department confirmed that Chinese state-sponsored hackers breached its systems earlier this month, compromising several employee workstations and accessing unclassified documents. The breach, executed through a vulnerability in the systems of third-party cybersecurity provider BeyondTrust, has raised fresh concerns about the security of federal infrastructure.
The hackers reportedly exploited a digital key managed by BeyondTrust, which allowed them to bypass certain safeguards. Details of the breach were disclosed in a letter sent by the Treasury Department to lawmakers, reviewed by *The Guardian*.
Swift Containment Measures
A Treasury Department spokesperson assured that the compromised BeyondTrust service was promptly taken offline. “There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the spokesperson said.
Following the alert from BeyondTrust, the Treasury Department coordinated with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and third-party forensic investigators to assess the impact. More details are expected in a supplemental report due within 30 days.
“Treasury takes very seriously all threats against our systems and the data it holds,” the spokesperson added. Over the past four years, the department has significantly strengthened its cyber defences and continues to collaborate with public and private partners to safeguard the financial system.
