US Treasury Says It Was Targeted by China State-Sponsored Cyberattack

AFP/APP

Washington: The US Treasury Department revealed Monday that a cyber breach attributed to a China state-sponsored actor had targeted some of its workstations, according to a letter to Congress seen by AFP.

The incident occurred earlier this month when the actor compromised a third-party cybersecurity service provider, enabling remote access to Treasury workstations and some unclassified documents, a Treasury spokesperson explained.

The Treasury Department contacted the Cybersecurity and Infrastructure Security Agency (CISA) after being alerted to the breach by its provider, BeyondTrust. The department is now collaborating with law enforcement partners to assess the impact.

“The compromised BeyondTrust service has been taken offline, and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” the spokesperson stated.

In its letter to the Senate Banking Committee leadership, the Treasury Department said: “Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”

The department has not disclosed further details about the breach but noted that additional information would be included in a supplemental report to be issued later.