U.S. Treasury documents and workstations were accessed during the cyberattack. new york times I will report. The attack was linked to a “Chinese state-sponsored advanced persistent threat actor” and was characterized as a “major cybersecurity incident.”
According to the letter The Treasury Department shared information with members of Congress (via TechCrunch), third-party software company BeyondTrust shared on December 8 that security keys used to provide technical support were being used to access workstations and unclassified documents, and U.S. authorities became aware of the issue. I did.
The Treasury Department said it is working with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to understand the full extent of the breach, but it is unclear how long files and workstations were accessed and what was actually accessed. has not been disclosed. Engadget has contacted the U.S. Treasury Department and will update this article as we learn more.
This cyberattack follows an equally alarming, but unsecured breach of another U.S. carrier in October 2024. The cyberattack was carried out by a Chinese hacker group called “Salt Typhoon.” The attackers had access to unencrypted SMS messages and call records of politicians, government officials and others for several months before the breach was discovered.
