Chinese hackers remotely accessed several U.S. Treasury Department workstations and unclassified documents after compromising a third-party software service provider, the agency said Monday.
The department did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained, but it said in a letter to lawmakers revealing the breach that “at this time there is no evidence indicating the threat actor has continued access to Treasury information.” The hack was being investigated as a “major cybersecurity incident,” it added.
“Treasury takes very seriously all threats against our systems, and the data it holds,” a department spokesperson said in a separate statement. “Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”
In Beijing, a Foreign Ministry spokesperson gave China’s standard response to hacking allegations.
“We have repeatedly stated our position on such groundless accusations that lack evidence,” Mao Ning said at a daily briefing. “China consistently opposes all forms of hacking, and we are even more opposed to the dissemination of false information against China for political purposes.”
The incident comes as U.S. officials are continuing to grapple with the fallout of a massive Chinese cyberespionage campaign known as Salt Typhoon that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans. A senior White House official said Friday that the number of telecommunications companies confirmed to have been affected by the hack has now risen to nine.
The Treasury Department said it learned of the latest problem on Dec. 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key “used by the vendor to secure a cloud-based service used to remotely provide technical support” to workers. That key helped the hackers override the service’s security and gain remote access to several employee workstations.
The compromised service has since been taken offline, and there’s no evidence that the hackers still have access to department information, Aditi Hardikar, an assistant Treasury secretary, said in the letter Monday to leaders of the Senate Banking Committee.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency and others to investigate the impact of the hack, and that the hack had been attributed to Chinese state-sponsored culprits. It did not elaborate.
By Eric Tucker, Associated Press. Associated Press writer Ken Moritsugu in Beijing contributed to this report.
Connectez-vous pour ajouter un commentaire
Autres messages de ce groupe
There are certain social media rules we can all agree on: Ghosting a conversation is impolite, and replying “k” to a text is the equivalent of a backhand slap (violent, wrong, and rude). But what
A helicopter flying over your head, the ground rumbling under your feet, bullets whizzing by your ears: If it’s up to Google and Samsung, then your movie nights will soon sound like you’re in the
So you flew too close to the sun—downloading app after app, recording hi-res video, binging podcasts—and now you’re faced with the dreaded “Storage Almost Full” pop-up on your iPhone.
It
A funny thing happened after I stopped using Clicks, the keyboard case that effectively turns an iPhone into an oversized Blackberry: The phone by itself suddenly seemed punier.
I mean t
You know what I miss? Listening to the radio.
I’ve always loved background music, which helps me focus. But modern music-streaming services can be distracting.
Yes, I enjoy hav
OpenAI released its newest reasoning model, called o3-mini, on Friday. OpenAI says the model delivers more intelligence than OpenAI’s first s
