Chinese hackers have accessed US documents in a ‘major cybersecurity incident’.
The hackers remotely broke into several Treasury Department workstations and unclassified documents after getting past a third-party software service provider, according to the federal agency on Monday.
Hackers ‘gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,’ the US Treasury Department stated in a letter to Congress.
‘With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.’
It was not immediately disclosed which type of documents were seen.
‘At this time there is no evidence indicating the threat actor has continued access to Treasury information,’ stated the letter to lawmakers.
The Treasury Department became aware of the issue when the third-party provider, BeyondTrust, informed the agency on December 8 that hackers stole a key that allowed them to override security hurdles and enter employee workstations.
Since then, the service has been taken down and it does not appear that the hackers can still see agency information, Assistant Treasury Secretary Aditi Hardikar stated in the letter.
The department has blamed Chinese state-sponsored actors but not provided more details.
Just how wide the breach was is under investigation by the FBI and the Cybersecurity and Infrastructure Security Agency.
Got a story? Get in touch with our news team by emailing us at webnews@metro.co.uk. Or you can submit your videos and pictures here.
For more stories like this, check our news page.
Follow Metro.co.uk on Twitter and Facebook for the latest news updates. You can now also get Metro.co.uk articles sent straight to your device. Sign up for our daily push alerts here.
