(Bloomberg) — The US Treasury Department was hacked by a Chinese state-sponsored actor through a third-party software service provider, according to letter the agency sent to Congress on Monday.
Most Read from Bloomberg
Treasury described the intrusion as a “major cybersecurity incident,” since it was attributed to a state-sponsored actor, according to the letter, which was reviewed by Bloomberg News.
Treasury was notified on Dec. 8 by a third-party software provider, BeyondTrust Inc., that a hacker had gained access “to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” according to the letter.
The department is being assisted by the Cybersecurity and Infrastructure Security Agency, the FBI, the intelligence community and third-party forensic investigators.
Based on available information, advanced hackers tied to China were behind the incident, according to the letter.
The Chinese embassy in Washington didn’t immediately respond to a request for comment, nor did a representative for BeyondTrust.
The hacker was able to remotely access certain Treasury workstations and “certain unclassified documents maintained by those users,” the department said in the letter to Senators Sherrod Brown and Tim Scott.
“The compromised BeyondTrust service has been taken offline, and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” a Treasury spokesperson said.
Disclosure of the breach comes as the White House continues to investigate what it says is vast cyber-espionage campaign against US telecommunications companies by Chinese state-sponsored hackers. On Friday, the White House said nine telecom firms had been impacted by the attacks, which have been attributed to a group Microsoft Corp. nicknamed Salt Typhoon.
The hackers allegedly spent months lurking inside American telecom networks and gathering information about an unknown number of Americans’ phone calls and text messages. Among the phones targeted were those of then presidential candidate Donald Trump and his running mate JD Vance, Trump family members and members of Vice President Kamala Harris’ campaign staff and others, the New York Times has reported.
The alleged Chinese espionage efforts at US telecoms and the Treasury Department come after a period of relative calm in relations between US and China in the final stretches of President Joe Biden’s term.
That included Biden and Chinese leader Xi Jinping meeting at the APEC summit in Peru last month, a rare prisoner swap in late November and renewed agreement earlier this month on science and technology cooperation.
