The United States has confirmed a major cyber attack on the Treasury Department by a hacker linked to the Chinese government.
The attack, flagged on December 8 by the third-party software provider BeyondTrust, involved the theft of a security key that granted remote access to certain Treasury workstations and unclassified documents.
A letter from the Treasury Department to lawmakers described the attacker as a “China state-sponsored Advanced Persistent Threat (APT) actor.” According to the department, such incidents are classified as major cybersecurity breaches under its policies.
Investigations are ongoing, with the U.S. Treasury collaborating with the FBI, intelligence agencies, and other cybersecurity teams to assess the breach’s impact. While the compromised system has been deactivated, authorities report no evidence suggesting the attackers retain access to Treasury information.
This breach underscores growing concerns over cybersecurity and tensions between the U.S. and China, with digital espionage remaining a significant point of contention.
