Chinese state-sponsored hackers accessed unclassified documents from the U.S. Treasury Department earlier this month, exploiting a vulnerability in BeyondTrust, a third-party cybersecurity provider. The incident has been described as a “major breach.” in communications to lawmakers.
The attackers leveraged a stolen digital key to bypass BeyondTrust’s cloud-based support service, enabling them to remotely access Treasury workstations. The breach exposed unclassified information stored on these systems.
Shocking claims of US Treasury hack by China raise more questions than answers, especially given the suspicious timing. pic.twitter.com/QpOt2NCPCC
— Truthful Voice (@webheraldnet) December 30, 2024
BeyondTrust alerted Treasury officials to the incident on December 8. Federal agencies, including the FBI and CISA, are now involved in assessing the impact and securing affected systems. “Treasury takes all threats to its systems and data seriously,” the department said, emphasizing its efforts to bolster cybersecurity.
SHOCKING: 🇨🇳 China Allegedly Hacks US Treasury in Massive Cyberattack – FBI Launches Urgent Probe
What do you think this means for US-China relations? 🤯 pic.twitter.com/5EKpOjhdGI
— Nyke Nakamoto (@Nyke_Nakamoto) December 30, 2024
Cybersecurity experts have linked the breach to tactics frequently used by Chinese state-sponsored groups. Tom Hegel of SentinelOne highlighted the trend of exploiting third-party vendors as a way to infiltrate high-value targets.
BREAKING: China hacked the U.S. Treasury Department, gaining access to workstations and documents – NYT
I bet their login credentials were extremely secure…like “guest” or “password1.” pic.twitter.com/KkGoUJr5Kj
— Chad Prather (@WatchChad) December 30, 2024
China’s embassy in Washington has denied the allegations, calling them unfounded. BeyondTrust has acknowledged a security incident involving its remote support software and stated that it is working to address the issue.
BREAKING: CHINA HACKS THE US TREASURY DEPARTMENT
THE TIME TO DITCH THE DOLLAR IS NIGH pic.twitter.com/q3DVC2uRvp
— Aaron Day (@AaronRDay) December 30, 2024
The affected service has been shut down, and Treasury officials believe the immediate threat has been mitigated. Investigations into the broader implications of the breach remain ongoing.
“⚡️ US Treasury claims China hacked ‘some of its workstations.’
Apparently the Chinese hackers found ‘Top 5 ways to raise the National Debt’ in a locked folder.”
– @RT_com pic.twitter.com/RJpOqK4d7X
— George Weah MDAV∆♛🍷🇳🇬 (@marinelo_dav) December 30, 2024
China hacks US Treasury only to find it empty
with an IOU for $199 Trillion Dollars from Ukraine
and the Bidens. pic.twitter.com/7hnxrxDpWT— Azore Lure (@AzoreLure) December 30, 2024