Chinese hackers accessed US Treasury Department in ‘major cybersecurity incident’, agency says

30 December 2024, 22:18 | Updated: 30 December 2024, 22:29

US Treasury Headquarters Building
US Treasury Headquarters Building. Picture: Getty

By Josef Al Shemary

Chinese hackers remotely accessed several US Treasury Department workstations and unclassified documents, the agency has said.

Listen to this article

Loading audio...

The state-sponsored hackers gained access to the computers and documents by compromising a third-party software service provider, according to a letter sent by the Treasury to Congress.

The Treasury Department said in a letter to politicians revealing the breach that "at this time there is no evidence indicating the threat actor has continued access to Treasury information".

It did not provide details on how many workstations had been accessed or what sort of documents the hackers may have obtained.

It said the hack was being investigated as a "major cybersecurity incident".

"Treasury takes very seriously all threats against our systems, and the data it holds," the department said.

Read more: China accused of hacking personal details of every single member of the armed forces but Beijing dismisses ‘smear’

Read more: Foreign Office interpreter embroiled in accusation of running Chinese 'propaganda' website from Britain

"Over the last four years, Treasury has significantly bolstered its cyber defence, and we will continue to work with both private and public sector partners to protect our financial system from threat actors."

The department said it learned of the problem on December 8 when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key used by the vendor that helped it override the system and gain remote access to several employee workstations.

The compromised service has since been taken offline, and there is no evidence that the hackers still have access to department information, Aditi Hardikar, an assistant Treasury secretary, said in the letter to leaders of the Senate Banking Committee on Monday.

The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency, and that the hack had been attributed to Chinese culprits. It did not elaborate.

The news came as US officials continue to grapple with the fallout of a massive Chinese cyberespionage campaign known as Salt Typhoon that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.

Earlier this year, China was accused of hacking the names and bank details of Britain’s entire armed forces.

As many as 270,000 people including regular troops, reservists and some veterans were understood to have been affected by the hack in May.

Defence Secretary Grant Shapps has ordered an independent external investigation after names, addresses, service ID numbers and bank details were put at risk.

Staff were today told to keep a close eye on their social media, emails, and speak to their bank if they were worried, according to a memo seen by LBC.

The Ministry of Defence appeared to blame the bank holiday for failing to tell those affected internally first, telling staff they were “in the process of informing you following the bank holiday weekend”.

Beijing has dismissed the claims as a "smear."

At the time, China's foreign ministry said it "firmly opposes and fights all forms of cyber attacks" and "rejects the use of this issue politically to smear other countries."

A spokesman for the Chinese embassy in the UK said: "The so-called cyber attacks by China against the UK are completely fabricated and malicious slanders."

A top White House official said on Friday that the number of telecommunications companies affected by the hack has now risen to nine.

More Latest News

See more More Latest News

Close up of a Police logo on a police officers uniform in Leeds,WEst Yorkshire,UK

Norwegian teenager arrested after being caught with guns in Yorkshire hotel room

x

UK should not 'jump in with both feet' to retaliate against Trump trade tariffs, PM urges

Wahib

'Jealous and controlling husband' who tried to cut wife's head off before leaving her to bleed to death jailed for life

Ashbourne Derbyshire England UK.

Two dead after aircraft crash in Derbyshire, as police tell public to avoid the area

The Government must “invest in childhood” or risk losing the next generation to poor mental health, a charity has warned.

Invest in childhood ‘or risk losing a generation to poor mental health’, charity warns

US-ECONOMY-MARKET-STOCKS

Relief for financial markets as stocks rebound from historic losses days on from tariff turmoil

XL Bullies Being Walked On Private Land After Ban

XL Bully mauled two people after being ordered to ‘kill’ by owner as victims left with 'horrific injuries'

Kerri Pegg, former governor of HMP Kirkham,

Prison governor guilty of misconduct after relationship with drug boss 'Jesse Pinkman' who gifted her £12k Mercedes

Emergency services search for survivors after the ceiling collapsed in Dominican Republic

At least 44 killed after nightclub ceiling collapses in Dominican Republic as desperate hunt for survivors launched

Westfield Stratford City shopping center, London England United Kingdom UK

Two teenage boys charged after seat thrown from third floor of Westfield shopping centre

Elton John and Madonna 'bury the hatchet' after decades-long feud

Elton John and Madonna 'bury the hatchet' after decades-long feud

Zelenskyy shared the video of the alleged Chinese soldier on Telegram

Two Chinese soldiers captured fighting in Ukraine - and Zelenskyy says he wants US and Europe to respond

Ahmad Mamdouh Al Ibrahim was fatally stabbed in Huddersfield

Boy, 16, fatally stabbed in Huddersfield was refugee who fled Syria and dreamed of becoming doctor

Yossi Benayoun

Former Premier League star 'survives grenade attack on home'

New Scotland Yard

Serving Met Police officer charged with four counts of rape

FILE - A North Korean military guard post, top, and South Korean post, bottom, are seen from Paju, South Korea, near the border with North Korea, Friday, May 31, 2024. (AP Photo/Ahn Young-joon, File)

South Korean military fire at North Korean soldiers 'crossing demarcation line'