Chinese hackers recently infiltrated multiple U.S. Treasury Department workstations and accessed unclassified documents by compromising a third-party software service provider. This incident has been classified as a “major cybersecurity incident” by the Treasury Department. Although the exact number of affected workstations and the types of documents accessed remain undisclosed, the department insists there is currently no evidence of ongoing access to its information by the hackers.
A department spokesperson emphasized the importance the Treasury places on safeguarding its systems and data, highlighting efforts over the past four years to enhance cybersecurity measures. They also affirmed ongoing collaboration with private and public sector partners to protect the financial system.
In response to these allegations, the Chinese government reiterated its stance against hacking and dismissed the accusations as unsubstantiated. A Foreign Ministry spokesperson stated that China opposes all forms of hacking and the spread of what it considers false information for political reasons.
The breach, associated with a wider cyberespionage effort known as Salt Typhoon, has raised concerns following similar intrusions affecting U.S. telecommunications. Investigations involving the FBI and the Cybersecurity and Infrastructure Security Agency are underway, with the attack attributed to Chinese state-sponsored actors. The Treasury Department is taking steps, such as removing compromised services, to mitigate any further threats.