Chinese state-sponsored hackers have breached the U.S. Treasury Department, accessing unclassified documents via a vulnerability in a third-party cybersecurity vendor. The incident has been described as a “major breach” in a letter sent to lawmakers.
The attackers used a compromised key associated with BeyondTrust’s cloud-based service to bypass security controls. This allowed them to remotely access Treasury workstations and retrieve documents stored by departmental employees.
Shocking claims of US Treasury hack by China raise more questions than answers, especially given the suspicious timing. pic.twitter.com/QpOt2NCPCC
— Truthful Voice (@webheraldnet) December 30, 2024
BeyondTrust alerted the Treasury Department to the breach on December 8. Treasury has since collaborated with the FBI and CISA to assess the impact and implement additional safeguards. “Over the last four years, Treasury has significantly bolstered its cyber defense,” the department stated.
SHOCKING: 🇨🇳 China Allegedly Hacks US Treasury in Massive Cyberattack – FBI Launches Urgent Probe
What do you think this means for US-China relations? 🤯 pic.twitter.com/5EKpOjhdGI
— Nyke Nakamoto (@Nyke_Nakamoto) December 30, 2024
Cybersecurity analysts believe the attack reflects a broader trend of state-sponsored hacking by Chinese groups. SentinelOne’s Tom Hegel remarked that targeting trusted third-party services has become an increasingly prominent method for infiltrating sensitive systems.
BREAKING: China hacked the U.S. Treasury Department, gaining access to workstations and documents – NYT
I bet their login credentials were extremely secure…like “guest” or “password1.” pic.twitter.com/KkGoUJr5Kj
— Chad Prather (@WatchChad) December 30, 2024
The Chinese government has denied involvement, with its embassy in Washington dismissing the allegations as unfounded. BeyondTrust has confirmed a security breach affecting some clients, though it has not directly linked the incident to the Treasury hack.
BREAKING: CHINA HACKS THE US TREASURY DEPARTMENT
THE TIME TO DITCH THE DOLLAR IS NIGH pic.twitter.com/q3DVC2uRvp
— Aaron Day (@AaronRDay) December 30, 2024
Officials have deactivated the affected service, and initial findings suggest that the breach has been contained.
“⚡️ US Treasury claims China hacked ‘some of its workstations.’
Apparently the Chinese hackers found ‘Top 5 ways to raise the National Debt’ in a locked folder.”
– @RT_com pic.twitter.com/RJpOqK4d7X
— George Weah MDAV∆♛🍷🇳🇬 (@marinelo_dav) December 30, 2024
China hacks US Treasury only to find it empty
with an IOU for $199 Trillion Dollars from Ukraine
and the Bidens. pic.twitter.com/7hnxrxDpWT— Azore Lure (@AzoreLure) December 30, 2024