A Chinese state-sponsored hacking group recently infiltrated the U.S. Treasury Department’s systems in what officials described as a “major incident,” according to an announcement made on Monday.
The Treasury disclosed details of the breach in a letter to Senate Banking Committee leadership, stating the incident was discovered on December 8th.
“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” wrote Aditi Hardikar, Assistant Secretary for Management at the Treasury Department.
The hackers reportedly gained access to department workstations and unclassified documents using a security key.
“Once Treasury was alerted by the service provider, we immediately contacted Cybersecurity and Infrastructure Security Agency (CISA) and have worked with law enforcement partners across the government to ascertain the impact of this incident,” Hardikar explained.
Plans for a Classified Briefing
Officials have announced plans to conduct a classified briefing on the breach with staffers from the House Financial Services Committee, though an exact date has not yet been set.
The Treasury incident follows a series of cybersecurity breaches attributed to Chinese actors. Just last week, the White House reported that Chinese hackers accessed private text messages and phone conversations of Americans by targeting a U.S. telecommunications company. This marks the ninth U.S. telecom company affected by Chinese cyberattacks.
Deputy National Security Adviser Anne Neuberger highlighted the extent of the attack but acknowledged that the full scope remains unclear due to the hackers’ efforts to obscure their tracks.
“We believe it was the goal of identifying who those phones belong to and if they were government targets of interest for follow-on espionage and intelligence collection of communications, of texts and phone calls on those particular phones,” Neuberger said.
National Security Concerns
The latest cyberattack has prompted concerns over China’s increasingly sophisticated espionage operations. The victims of the telecommunications breach were predominantly located in Washington, D.C., and Virginia, areas known for high concentrations of federal officials and contractors.
The Treasury Department is working closely with the FBI and CISA to assess and mitigate the impacts of this latest breach.
The incident underscores the growing importance of cybersecurity in safeguarding critical government and private sector systems from foreign interference.
