US Treasury Targeted in Major China-Linked Cyberattack

Hackers exploited a security vulnerability to access non-classified systems, prompting an ongoing investigation by US authorities.

The US Treasury reported a cyberattack in early December, attributed to a Chinese state-backed hacking group.
Hackers gained access to several workstations and non-classified documents by exploiting a security key stolen from a third-party provider.
The cybersecurity firm BeyondTrust informed US authorities of the breach on December 8, leading to immediate containment measures.
US agencies, including the FBI and CISA, are investigating the breach, with further updates expected within 30 days.
China has denied involvement, calling the accusations baseless, while US officials highlight a pattern of advanced persistent threats linked to Chinese actors.