A Chinese state-sponsored hacker has broken into the US Treasury Department’s systems, accessing employee workstations and some unclassified documents, officials said on Monday.
The breach occurred in early December and was made public in a letter penned by the Treasury Department to lawmakers notifying them of the incident.
In the letter the Treasury Department said the China-based actor was able to override security via a key used by a third-party service provider that offers remote technical support to its employees.
The US agency characterised the breach as a “major incident”, and said it had been working with the FBI and other agencies to investigate the impact.
The compromised third-party service – called BeyondTrust – has since been taken offline, officials said. They added that there is no evidence to suggest the hacker has continued to access Treasury Department information since.
Along with the FBI, the Department has been working with the Cybersecurity and Infrastructure Security Agency and third-party forensic investigators to determine the breach’s overall impact.
Based on evidence it has gathered so far, officials said the hack appears to have been carried out by “a China-based Advanced Persistent Threat (APT) actor.”
“In accordance with Treasury policy, intrusions attributable to an APT are considered a major cybersecurity incident,” Treasury Department officials wrote in their letter to lawmakers.
The Department was made aware of the hack on 8 December by BeyondTrust, a spokesperson told the BBC. The agency immediately notified law enforcement.
The spokesperson added that the hacker was able to remotely access several Treasury user workstations and certain unclassified documents that were kept by those users.
The Department did not specify the nature of these files, or when and for how long the hack took place.
The spokesperson said the Treasury Department “takes very seriously all threats against our systems, and the data it holds,” and that it will continue to work on protecting its data from outside threats.
China has been accused of spying in the past by US officials. It has regularly denied such accusations.
