Treasury Department Responds to Breach by Chinese Hackers

On Monday, the U.S. Department of Treasury announced that a cybercriminal affiliated with the Chinese government had recently breached the department's computer security guardrails.

Key Details: The Treasury Department said Chinese hackers accessed unclassified documents and several department workstations. While no details were provided on what sort of documents may have been obtained or how many workstations had been accessed, the breach is being investigated as a "major cybersecurity incident." The department was notified of the hacking incident by service provider BeyondTrust.

Key Quotes: In a letter to the House Committee on Banking, Housing and Urban Affairs, the Justice Department reports that hackers "gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users." In Beijing, a Foreign Ministry spokesperson said, “We have repeatedly stated our position on such groundless accusations that lack evidence. China consistently opposes all forms of hacking, and we are even more opposed to the dissemination of false information against China for political purposes.”

For Context: Over the past six months, several high-profile officials, such as Vice President Kamala Harris and President-elect Donald Trump, have been targeted in a China-backed hack of American telecom networks. U.S. officials are investigating the intrusions and tracking the actions of Salt Typhoon, the term used for the Chinese Government espionage unit.

How the Media Covered it: Sources across the political spectrum noted that the BeyondTrust service has since been taken offline and that there is "no evidence that the hackers still have access" to Treasury Department information.