*** US Treasury was hacked : Unclassified Files Compromised | THE DAILY TRIBUNE | KINGDOM OF BAHRAIN

US Treasury was hacked : Unclassified Files Compromised

TDT | Manama
Email : editor@newsofbahrain.com

A Hacker breached the US Treasury Department's systems earlier this month, accessing employee workstations and unclassified documents, American officials revealed on Monday.

The Treasury Department has classified the breach as a "major cybersecurity incident" and has informed lawmakers through a detailed letter. The attack, attributed to a "China-based Advanced Persistent Threat (APT) actor," is being investigated in collaboration with the FBI and other agencies.

The breach was enabled through a compromised key used by a third-party service provider, BeyondTrust, which offers remote technical support to Treasury employees. BeyondTrust has since been taken offline, and officials have reported no further unauthorized access since the discovery.

Timeline of the Incident

  • 2 December: Suspicious activity detected by BeyondTrust.
  • 5 December: BeyondTrust confirms the hack.
  • 8 December: Treasury Department notified of the incident.

Investigators believe the hackers accessed user workstations and unclassified documents during the breach but did not disclose the nature of the files or the seniority of the employees involved. It remains unclear if the hackers created new accounts or altered passwords during the attack.

Espionage Suspected

Officials have stated that the attackers appeared focused on gathering information rather than stealing funds, classifying the operation as espionage. The breach is one of several high-profile incidents blamed on Chinese state-sponsored hackers, following a telecoms hack in December that potentially compromised phone records.

Treasury Response

The Treasury Department has emphasized its commitment to cybersecurity, stating, "We take very seriously all threats against our systems and the data they hold." A supplementary report on the breach will be submitted to lawmakers within 30 days.

China's Denial

Liu Pengyu, a spokesman for the Chinese embassy in Washington DC, dismissed the allegations as baseless. "We hope relevant parties will adopt a professional and responsible attitude, basing conclusions on sufficient evidence rather than unfounded speculation and accusations," Liu said.

He added, "The US needs to stop using cybersecurity to smear and slander China, and stop spreading disinformation about so-called Chinese hacking threats."

This incident underscores ongoing tensions between the US and China over cyber espionage and cybersecurity vulnerabilities.