Unclassified documents were stolen after a hack earlier this month, according to a letter sent by Treasury to Congress.
Chinese state-sponsored hackers were able to steal unclassified documents from United States Treasury workstations earlier this month, the US Treasury Department has said.
The department said on Monday that the hackers were able to compromise a third-party cybersecurity service provider and gain access to the documents in what it described as a “major incident”.
“[The hackers] gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” a letter sent by the US Treasury Department to Congress said. “With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”
A statement from the Treasury said that the department “takes very seriously all threats against our systems, and the data it holds”.
The Treasury Department was alerted to the hack by the cybersecurity provider, BeyondTrust on December 8. The department says it is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to assess the impact of the hack.
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” a spokesperson for the Treasury Department told AFP.
The letter to the leadership of the US Senate Banking Committee directly accused China, saying that the incident had been “attributed to a China state-sponsored Advanced Persistent Threat (APT) actor”.
An APT is a cyberattack where the hacker can maintain undetected and unauthorised access to a target for a period of time.
The Treasury Department said that more information would be released in a supplemental report at a later date.
The report of the hack comes less than a month ahead of the inauguration of US President-elect Donald Trump.
Trump has threatened China with a trade war and tariffs, saying that Beijing had not done enough to stop the flow of the opioid fentanyl to the US.
Both Trump’s Republicans and the Democrats have warned against Chinese threats against the US, particularly in the realm of cybersecurity.
In September, the US Justice Department said that it had stopped a cyberattack network run by Chinese-backed hackers that had affected 200,000 devices worldwide.
And earlier in December, the US sanctioned a Chinese cybersecurity firm and a researcher over a 2020 attack that attempted to exploit a computer software vulnerability in company firewalls.
China has denied any involvement in the attacks and says that it opposes all forms of cyberattacks.
