The U.S. Treasury Department has confirmed a significant cybersecurity breach involving Chinese-backed hackers who infiltrated its systems and stole government documents earlier this month, according to a letter to lawmakers disclosed on Monday, December 30.
Hackers exploit vulnerabilities in popular browser extensions
This latest breach underscores the ongoing threat of state-sponsored cyber espionage aimed at U.S. government entities, coinciding with the recent mitigation efforts by telecommunications giants against cyber threats. In a statement to Senator Sherrod Brown, the chair of the Committee on Banking, Housing, and Urban Affairs, the Treasury confirmed the incident took place in December.
According to the letter, the breach was identified by a third-party cybersecurity vendor, which discovered that attackers had accessed a critical security key associated with a cloud-based service essential for remote technical support within the department.
“With access to the stolen key, the threat actor was able to circumvent the security of the service, remotely access specific Treasury user workstations, and obtain unclassified documents stored by those users,” the letter elaborates.
The Treasury Department was notified of the breach on December 8 and is currently working alongside the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to assess the full impact of the incident. While the FBI has not yet provided a comment, CISA has referred inquiries back to the Treasury.
Topics
Cybersecurity
Government
