Chinese State Hackers Breach U.S. Treasury Systems via Third-Party Vendor

The December cyberattack targeted unclassified Treasury documents, raising national security concerns and intensifying scrutiny of U.S.-China relations.

The U.S. Treasury Department confirmed a breach in December 2024, attributed to Chinese state-sponsored hackers exploiting a vulnerability in BeyondTrust, a third-party vendor.
The attackers accessed unclassified documents, including those from the Office of Foreign Assets Control, which oversees economic sanctions, potentially seeking intelligence on U.S. sanctions plans.
The Cybersecurity and Infrastructure Security Agency (CISA) stated there is no evidence of the breach affecting other federal agencies or ongoing access to Treasury systems.
Lawmakers from both parties have demanded detailed briefings, citing concerns over the potential exposure of sensitive financial and national security data.
Experts warn the incident underscores the need for stronger cybersecurity measures, including public-private partnerships and enhanced defenses for critical government systems.