Chinese hackers linked to the government breached U.S. Treasury Department systems earlier this month, stealing unclassified documents in an attack described as a “major incident.” Treasury officials disclosed the breach in a letter to lawmakers, attributing the infiltration to a compromise of BeyondTrust, a third-party cybersecurity service provider.
The attackers gained unauthorized access by exploiting a key used by BeyondTrust to secure a cloud-based technical support platform. With this key, the hackers bypassed security measures, accessed Treasury Department workstations, and retrieved unclassified documents.
Shocking claims of US Treasury hack by China raise more questions than answers, especially given the suspicious timing. pic.twitter.com/QpOt2NCPCC
— Truthful Voice (@webheraldnet) December 30, 2024
BeyondTrust informed the Treasury Department of the breach on December 8. Since then, Treasury has worked with CISA and the FBI to evaluate the damage and implement additional cybersecurity measures. “Treasury takes these threats seriously,” the department said in its statement, emphasizing ongoing efforts to strengthen defenses.
SHOCKING: 🇨🇳 China Allegedly Hacks US Treasury in Massive Cyberattack – FBI Launches Urgent Probe
What do you think this means for US-China relations? 🤯 pic.twitter.com/5EKpOjhdGI
— Nyke Nakamoto (@Nyke_Nakamoto) December 30, 2024
Cybersecurity experts have noted that the breach aligns with established tactics of Chinese state-sponsored hacking groups. These groups often exploit third-party services to infiltrate high-value targets. SentinelOne’s Tom Hegel commented, “This incident fits a well-documented pattern of operations by PRC-linked groups.”
BREAKING: China hacked the U.S. Treasury Department, gaining access to workstations and documents – NYT
I bet their login credentials were extremely secure…like “guest” or “password1.” pic.twitter.com/KkGoUJr5Kj
— Chad Prather (@WatchChad) December 30, 2024
The Chinese Embassy in Washington has rejected the allegations, accusing the U.S. of making unfounded claims. BeyondTrust, based in Georgia, has acknowledged a recent security breach involving a limited number of clients, though it has not directly tied its incident to the Treasury attack.
BREAKING: CHINA HACKS THE US TREASURY DEPARTMENT
THE TIME TO DITCH THE DOLLAR IS NIGH pic.twitter.com/q3DVC2uRvp
— Aaron Day (@AaronRDay) December 30, 2024
The compromised service has been taken offline, and officials believe the hackers no longer have access to additional department information. The breach underscores the growing risks posed by state-sponsored cyberattacks on federal agencies.
“⚡️ US Treasury claims China hacked ‘some of its workstations.’
Apparently the Chinese hackers found ‘Top 5 ways to raise the National Debt’ in a locked folder.”
– @RT_com pic.twitter.com/RJpOqK4d7X
— George Weah MDAV∆♛🍷🇳🇬 (@marinelo_dav) December 30, 2024
China hacks US Treasury only to find it empty
with an IOU for $199 Trillion Dollars from Ukraine
and the Bidens. pic.twitter.com/7hnxrxDpWT— Azore Lure (@AzoreLure) December 30, 2024