header logo
සිංහලதமிழ்
Asia asset finance
Mogo Academy
Science & Tech
US Treasury says Chinese hackers stole documents in ‘major incident’
Dec 31, 202411:09 AM
US Treasury says Chinese hackers stole documents in ‘major incident’

Chinese state-sponsored hackers breached the U.S. Treasury Department’s computer security guardrails this month and stole documents in what Treasury called a “major incident,” according to a letter to lawmakers,  that Treasury officials provided to Reuters on Monday.

 

The hackers compromised third-party cybersecurity service provider BeyondTrust and were able to access unclassified documents, the letter said.

 

According to the letter, hackers “gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users. With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”

 

The Treasury Department said it was alerted to the breach by BeyondTrust on Dec. 8 and that it was working with the U.S. Cybersecurity and Infrastructure Security Agency and the FBI to assess the hack’s impact.

 

Treasury officials didn’t immediately respond to an email seeking further details about the hack. The FBI did not immediately respond to Reuters’ requests for comment, while CISA referred questions back to the Treasury Department.

 

A spokesperson for the Chinese Embassy in Washington rejected any responsibility for the hack, saying that Beijing “firmly opposes the U.S.’s smear attacks against China without any factual basis.”

 

A spokesperson for BeyondTrust, based in Johns Creek, Georgia, told Reuters in an email that the company “previously identified and took measures to address a security incident in early December 2024” involving its remote support product. BeyondTrust “notified the limited number of customers who were involved,” and law enforcement was notified, the spokesperson said. “BeyondTrust has been supporting the investigative efforts.”

 

The spokesperson referred to a statement posted on the company’s on Dec. 8 sharing some details from the investigation, including that a digital key had been compromised in the incident and that an investigation was under way. That statement was last updated Dec. on 18.

 

Tom Hegel, a threat researcher at cybersecurity company SentinelOne, said the reported security incident “fits a well-documented pattern of operations by PRC-linked groups, with a particular focus on abusing trusted third-party services - a method that has become increasingly prominent in recent years,” he said, using an acronym for the People’s Republic of China.”

 

Source: Reuters
--Agencies 

 

 

 

MostRead
Mobitel 5g
VideoStories
Yoshitha Rajapaksa released on bail following arrest by the Bribery Commission

Yoshitha Rajapaksa released on bail following arrest by the Bribery Commission

Political debate intensifies over Suresh Sallay detention and CID conduct

Political debate intensifies over Suresh Sallay detention and CID conduct

Court of Appeal to consider Former President Gotabaya Rajapaksa’s petition tomorrow

Court of Appeal to consider Former President Gotabaya Rajapaksa’s petition tomorrow

Cabinet gives nod to secure US$ 200 million in ABD funding for infrastructure and housing projects

Cabinet gives nod to secure US$ 200 million in ABD funding for infrastructure and housing projects

“Gotabaya’s arrest will be determined by evidence” CID responsible for Easter attacks probe: Govt.

“Gotabaya’s arrest will be determined by evidence” CID responsible for Easter attacks probe: Govt.

Dengue infections surpass 42,000; Special dengue control program to be held in schools this week

Dengue infections surpass 42,000; Special dengue control program to be held in schools this week

“Sallay not in critical condition” CID declines request to grant daily legal access to Suresh Sallay

“Sallay not in critical condition” CID declines request to grant daily legal access to Suresh Sallay

CID informs court of probe into contempt allegations against six persons including ex-Ministers

CID informs court of probe into contempt allegations against six persons including ex-Ministers

Govt. has obtained US$ 1.85 bln in foreign loans since assuming power, Finance Ministry data shows

Govt. has obtained US$ 1.85 bln in foreign loans since assuming power, Finance Ministry data shows

"Govt. has no development plans" Dilith Jayaweera says common man is being burdened on a daily basis

"Govt. has no development plans" Dilith Jayaweera says common man is being burdened on a daily basis

"Different virus spreading rapidly at the moment" Officials raise alarm over surge in dengue cases

"Different virus spreading rapidly at the moment" Officials raise alarm over surge in dengue cases

El Niño expected to gradually impact Sri Lanka, experts warn

El Niño expected to gradually impact Sri Lanka, experts warn

Dengue cases surge in Sri Lanka with over 40,000 patients recorded this year

Dengue cases surge in Sri Lanka with over 40,000 patients recorded this year

Sri Lanka Navy launches new book showcasing nation’s maritime heritage

Sri Lanka Navy launches new book showcasing nation’s maritime heritage

Special Dengue Prevention Week in Colombo from June 15 to 21

Special Dengue Prevention Week in Colombo from June 15 to 21

Lassana Flora