Chinese hackers remotely gained access to several U.S. Treasury Department workstations and unclassified documents after hacking a third-party software service provider, the agency said Monday.
The department did not provide details on how many workstations were accessed or what type of documents the hackers may have obtained, but it said in a letter to lawmakers revealing the hack that “at this time there is no evidence to suggest a continuing threat actor.” Access to treasury information.” She added that the hack was being investigated as a “major cybersecurity incident.”
“The Treasury Department takes seriously all threats against our systems and the data they hold,” a department spokesperson said in a separate statement. “Over the past four years, Treasury has significantly strengthened its cyber defense, and we will continue to work with private and public sector partners to protect our financial system from threat actors.”
In Beijing, a Foreign Ministry spokesman gave China’s usual response to hacking allegations.
“We have repeatedly made clear our position on such baseless and lacking evidence accusations,” Mao Ning said at a daily press conference. He added: “China consistently opposes all forms of piracy, and we are even more opposed to spreading false information against China for political purposes.”
The incident comes as US officials continue to grapple with the fallout from a massive Chinese cyberespionage campaign known as Salt Typhoon that gave officials in Beijing access to the private texts and phone conversations of an unknown number of Americans. A senior White House official said on Friday that the number of telecommunications companies confirmed to have been affected by the hack has now risen to nine companies.
Get daily national news
Get the day’s top political, economic and current affairs news, headlines, delivered to your inbox once a day.
The Treasury Department said it learned of the latest issue on December 8, when a third-party software service provider, BeyondTrust, reported that hackers had stolen a key “used by the vendor to secure a cloud-based service used to provide technology remotely.” Support” for workers. This key helped hackers bypass the service’s security and gain remote access to many employee workstations.
The hacked service has since been shut down, and there is no evidence that the hackers are still able to access the department’s information, Assistant Treasury Secretary Aditi Hardikar said in the letter Monday to leaders of the Senate Banking Committee.
The department said it was working with the FBI, the Cybersecurity and Infrastructure Security Agency and others to investigate the impact of the hack, and that the hack was attributed to Chinese state-sponsored perpetrators. He did not explain that.
Associated Press writer Ken Moritsugu in Beijing contributed to this report.
& Edition 2024 The Canadian Press
