Chinese language hackers accessed workstations and stole paperwork in a “major incident” earlier this month, the Treasury Division introduced Monday.
In a letter to the leaders of the Senate Banking, Housing and City Affairs Committee, assistant secretary for administration Aditi Hardikar wrote the state-sponsored hackers compromised a third-party cybersecurity service supplier — BeyondTrust — to realize entry on Dec. 8.
Sen. Sherrod Brown (D-Ohio) and Sen. Tim Scott (R-S.C.) are the chairman and rating members of the committee, respectively.
The hackers “gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices end users,” the letter reads. “With access to the stolen key, the threat actor was able override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”
The Treasury stated it’s working with the U.S. Cybersecurity and Infrastructure Safety Company and the FBI to find out the extent of the hack.
A Treasury spokesperson instructed CNN the affected system was shortly taken offline, placing an finish to the hack.
“There is no evidence indicating the threat actor has continued access to Treasury systems or information,” they stated.
“Treasury takes very seriously all threats against our systems, and the data it holds. Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors,” the assertion reads partly.
The overall variety of compromised workstations, and contents of the stolen paperwork weren’t revealed.
