/cdn.vox-cdn.com/uploads/chorus_asset/file/24533979/STK417_banking_money_2.jpg "The US Treasury Department was hacked")
The US Treasury Department was hacked
By Emma Roth , a news writer who covers the streaming wars, consumer tech, crypto, social media, and much more. Previously, she was a writer and editor at MUO.
The US Treasury Department suffered a “major” security incident after a China state-sponsored hacker broke into the third-party remote management software it uses, as reported earlier by The New York Times.
In a letter to lawmakers seen by The Verge, the Treasury Department said BeyondTrust, the company behind its remote management software, notified the agency of a breach on December 8th.
The threat actor stole a key used by BeyondTrust “to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users.” With the key, they overrode the security to remotely access those users' workstations and “some unclassified documents” they maintained.
The Treasury Department said it worked with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI following the attack, which has been attributed to a China state-sponsored Advanced Persistent Threat (APT) hacker. “The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” US Treasury Department spokesperson Michael Gwin said in a statement to The Verge.
/cloudfront-us-east-2.images.arcpublishing.com/reuters/2UBMMKTOFBNNFL4EGUWTJDSCTU.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/25813957/incase_microsoft_keyboard.png)
