TechnologyThe US Treasury Department was hacked

The US Treasury Department was hacked


The US Treasury Department suffered a “major” security incident after a China state-sponsored hacker broke into the third-party remote management software it uses, as reported earlier by The New York Times.

In a letter to lawmakers seen by The Verge, the Treasury Department said BeyondTrust, the company behind its remote management software, notified the agency of a breach on December 8th.

The threat actor stole a key used by BeyondTrust “to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users.” With the key, they overrode the security to remotely access those users’ workstations and “some unclassified documents” they maintained.

The Treasury Department said it worked with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI following the attack, which has been attributed to a China state-sponsored Advanced Persistent Threat (APT) hacker. “The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” US Treasury Department spokesperson Michael Gwin said in a statement to The Verge.

The attack seems to be linked to a security incident BeyondTrust disclosed earlier this month, impacting customers using its remote support software. At the time, BeyondTrust attributed the attack to a compromised API key for its remote support software, adding that it “immediately revoked the API key, notified known impacted customers, and suspended those instances the same day.” The Verge reached out to BeyondTrust with a request for comment but didn’t immediately hear back.

“Treasury takes very seriously all threats against our systems, and the data it holds,” Gwin said. “Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors.”



Original Source Link

Latest News

The rise of the sidepreneurs

How hourly workers are turning side hustles into success In today’s evolving workforce, a growing number of individuals...

Bitcoin Shows Signs of Recovery as Leverage Decreases and Outflows Rise

Bitcoin is now experiencing a break from last week’s steady decline, which saw the asset drop as low...

Donald Trump to halt law banning bribery of foreign officials

Unlock the White House Watch newsletter for freeYour guide to what the 2024 US election means for Washington...

The best sleep trackers and sleep tech for 2025

Sleep tech runs the gamut from trackers and apps to expensive smart beds, but it doesn’t all address...

DOGE takes on the Deep State

In this week's The Reason Roundtable, editors Peter Suderman, Matt Welch, Katherine Mangu-Ward, and special guest Christian Britschgi assess the first steps taken...

Must Read

- Advertisement -

You might also likeRELATED
Recommended to you