Chinese Hackers Breach U.S. Treasury in Major Cybersecurity Incident
The attack, attributed to a state-sponsored group, exploited a third-party software vulnerability to access workstations and unclassified documents.
- The breach was discovered on December 8, 2024, when BeyondTrust, a third-party cybersecurity provider, alerted the U.S. Treasury to unauthorized access.
- Hackers used a stolen security key to bypass protections and remotely access employee workstations and unclassified documents.
- The Treasury Department has worked with the FBI, CISA, and intelligence agencies to assess the scope of the attack, which has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) group.
- Officials confirmed that the compromised service has been taken offline and stated there is no evidence of continued access to Treasury systems.
- China has denied involvement, calling the accusations baseless, while U.S. lawmakers and experts emphasize the need for stronger cybersecurity measures.
NDTV 
Al Jazeera 
BBC 
Washington Examiner Washington Examiner 
Fox News 
East Bay Times 
TechSpot Washington Examiner 
The Register 
Townhall 
Newsweek 
Forbes 
Mediaite 
Investopedia 
Semafor Townhall 
CNA 
The Daily Wire 
Business Insider 
UPI 
WIRED 
Free Press Journal 
9News 
CBC 
Deutsche Welle Deutsche Welle 
The Times 
Benzinga BBC 
Engadget 
The Independent 
Axios 
Mashable 
Scripps News CBC 
The Hill 
The Verge 
Metro 
BleepingComputer Newsweek 
ABC News Al Jazeera 
South China Morning Post NDTV 
NBC News 
New York Post 
The Post Millennial Washington Examiner 
TechCrunch 
Washington Post 
Fox Business 
The Guardian 
CNN CNA 
Associated Press 
Salon 
