US Treasury Says Chinese Hackers Breached Systems And Stole Documents

This incident adds to a series of several security breaches in the US attributed to China, including a telecoms hack in December.

Officials said the compromised third-party service – called BeyondTrust – has since been taken offline. There was no evidence to suggest the hacker had continued to access Treasury Department information since, according to the statement.

The department said it had been working with the Cybersecurity and Infrastructure Security Agency and third-party forensic investigators to determine the overall impact.

Officials said initial investigations suggested the hack appeared to have been carried out by “a China-based Advanced Persistent Threat (APT) actor”.

A spokesperson told the BBC that the Treasury was alerted to the hack on December 8; suspicious activity was first detected on December 2.

According to the company, the suspicious activity was first spotted on 2 December, but it took three days for the company to determine it had been hacked.

The spokesperson said the hackers were able to remotely access several Treasury user workstations and some unclassified documents that were kept by those users.

The hackers are believed to have been seeking information rather than trying to steal funds.

China’s foreign ministry spokeswoman Mao Ning denied the US claims, telling a news briefing these were “baseless accusations lacking evidence”. Said Mao:

China consistently opposes all forms of hacking and firmly rejects the dissemination of false information targeting China for political purposes.

The US has not provided concrete evidence linking China to the hack.

More: Pindula News