(BBC News) A Chinese state-sponsored hacker has broken into the US Treasury Department’s systems, accessing employee workstations and some unclassified documents, American officials said on Monday.

The breach occurred in early December and was made public in a letter penned by the Treasury Department to lawmakers notifying them of the incident.

The US agency characterized the breach as a “major incident”, and said it had been working with the FBI and other agencies to investigate the impact.

A spokesman for the Chinese embassy in Washington DC told BBC News that the accusation is part of a “smear attack” and was made “without any factual basis.”

The Treasury Department said in its letter to lawmakers that the China-based actor was able to override security via a key used by a third-party service provider that offers remote technical support to its employees.

The compromised third-party service – called BeyondTrust – has since been taken offline, officials said. They added that there is no evidence to suggest the hacker has continued to access Treasury Department information.

Along with the FBI, the department has been working with the Cybersecurity and Infrastructure Security Agency and third-party forensic investigators to determine the breach’s overall impact.

Based on evidence it has gathered so far, officials said the hack appears to have been carried out by “a China-based Advanced Persistent Threat (APT) actor”.

“In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident,” Treasury Department officials wrote in their letter to lawmakers.

 

https://www.bbc.com/news/articles/c3weye2j0e7o

Share.
Exit mobile version