The US State Treasury Department on Monday said Chinese state-sponsored hackers were behind the cyber breach which resulted in access to employee workstations and some unclassified documents, media reports said. The breach occurred in early December and was made public in a letter penned by the Treasury Department to lawmakers notifying them of the incident, reported BBC.
The US agency described the development as a ‘major incident’. The agency said it is working with the FBI and other agencies to probe the incident.
In a letter reviewed by CNN, a Treasury official said it was informed by a third-party software service provider on December 8 that a threat actor used a stolen key to remotely access certain Treasury workstations and unclassified documents.
“Based on available indicators, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor,” Aditi Hardikar, assistant secretary for management at the US Treasury, wrote in the letter as quoted by the American news channel.
A Treasury spokesperson said in a statement to CNN that the compromised service has been taken offline and officials are working with law enforcement and the Cybersecurity and Infrastructure Security Agency (CISA).
“There is no evidence indicating the threat actor has continued access to Treasury systems or information,” the Treasury spokesperson said.
China accuses US of smear attack
The Chinese Embassy in Washington, meanwhile, said the accusation was part of a ‘smear attack’.
The Embassy told the BBC it was “without any factual basis”.
The US Justice Department in September announced a cyber-attack network that hit 200,000 devices worldwide was earlier neutralised.
The department accused it was performed by hackers backed by the Chinese government.
“The targeted hacking of hundreds of thousands of innocent victims in the United States and around the world shows the breadth and aggressiveness of PRC state-sponsored hackers,” U.S. Attorney Eric G. Olshan for the Western District of Pennsylvania was earlier quoted as saying by the department’s website.
