The unclassified documents were stolen after a hack earlier this month, according to a letter sent by Treasury to Congress.
State-sponsored Chinese hackers were able to steal unclassified documents from United States Treasury workstations earlier this month, the US Treasury Department has said.
The department said Monday that hackers were able to compromise a third-party cybersecurity service provider and gain access to documents in what it described as a “major incident.”
“(Hackers) gained access to a key used by the vendor to provide a cloud-based service used to provide remote technical support to end users of Department of the Treasury Offices (DO),” the letter said. sent to Congress by the US Treasury Department. “With access to the stolen key, the threat actor was able to bypass the security of the service, remotely log into several Treasury DO user workstations, and access several unclassified documents held by those users.”
A statement from the Treasury said the department “takes all threats against our systems and the data they hold very seriously”.
The Treasury Department was notified of the hack by cybersecurity provider BeyondTrust on December 8. The department says it is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.
“The compromised BeyondTrust service has been taken offline and there is no evidence that the threat actor has continued to access Treasury systems or information,” a Treasury Department spokesman told AFP.
The letter to the leadership of the US Senate Banking Committee directly accused China, saying the incident was attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor.
An APT is a cyber attack where the hacker can maintain undetected and unauthorized access to a target for a period of time.
The Treasury Department said more information will be released in a supplemental report at a later date.
The hack report comes less than a month before the inauguration of US President-elect Donald Trump.
Trump has threatened China with a trade war and tariffs, saying Beijing had not done enough to stop the flow of the opioid fentanyl into the US.
Both Trump’s Republicans and Democrats have warned against Chinese threats against the US, particularly in the area of cyber security.
In September, the US Department of Justice said it had stopped a network of cyberattacks led by Chinese-backed hackers that had affected 200,000 devices worldwide.
And earlier in December, the US sanctioned a Chinese cybersecurity firm and a researcher over a 2020 attack that tried to exploit a software vulnerability in the company’s firewalls.
China has denied any involvement in the attacks and says it opposes all forms of cyber attacks.
