The US Treasury Department says it was hacked in a cyber attack linked to China

Documents and workplaces at the US Treasury Department were accessed during the cyberattack, The New York Times reports. The attack has been linked to an “Advanced Persistent Threat actor sponsored by the Chinese government” and characterized as a “major cyber security incident.”

According to a letter the Treasury Department shared with lawmakers (via TechCrunch), US officials were made aware of the issue on December 8, when BeyondTrust, a third-party software company, shared that an authentication key used to provide technical assistance was used to access workstations and unclassified documents. .

The Treasury Department said it was working with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to understand the scope of the breach, but did not share how long files and workstations were accessed or what exactly was accessed. Engadget has contacted the US Treasury Department and will update this article when we know more.

The cyberattack follows a similar, but different breach of US phone companies that occurred in October 2024. That cyberattack was carried out by a Chinese hacker group called “Salt Storm.” Attackers gained access to unencrypted SMS messages and phone logs of politicians, government officials and others months before the breach was discovered.