Tyler Cross
Published on: January 7, 2025
Investigators discovered that several senior US officials had their laptops compromised as a result of the Chinese threat agent-linked hack on the US Treasury Department.
Earlier this week, it was disclosed to the public that the Treasury Department and Office of Foreign Assets Control (OFAC) faced a serious data breach on Dec. 8. Experts believe the culprit is linked to the People’s Republic of China (PRC) due to the similarity in methods used in other attacks.
During the attack, multiple unnamed senior officials had their laptops compromised, and “unclassified material” on their computers was stolen. Over 100 computers were affected.
The stolen data includes “drafts and notes for policy decisions, itineraries and travel planning documents for Treasury leaders, as well as some internal communications,” Bloomberg wrote.
Despite China refuting the accusation, experts believe that PRC-affiliated hackers stole an API-key and used that to hack into the third-party cybersecurity company and US vendor, BeyondTrust. From there, they posed tech support until they could crack into secret government files.
The investigation is ongoing and new elements of the story are still being released. The situation left US lawmakers concerned and seeking answers.
“The fact that a CCP-sponsored APT actor was able to access Treasury’s information systems is unacceptable and raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents,” writes Senator Tim Scott in a letter to Secretary Yellen.
The letter was co-written by French Hill, Vice Chair of the House Committee on Financial Services. Alongside raising scathing questions about the governments ability to protect itself, they are demanding answers from top officials.
“(The) Treasury maintains some of the most highly sensitive information on US persons throughout government, including tax information, business beneficial ownership, and suspicious activity reports.”
The story is still unfolding and the investigation is being handled by multiple agencies, including the FBI and CISA.
