China broke into the US Treasury Department, hackers stole many important documents.

 | 
as

On Monday, the US Treasury Department told Congress that in a 'cyber attack' earlier this month, Chinese government-sponsored hackers gained access to the US Treasury Department's computers and stole some important documents.

News agency Reuters has given this information quoting officials of the Treasury Department. In a letter written to lawmakers, it has been said that Chinese hackers (APT) compromised the third-party cyber security service provider BeyondTrust and succeeded in accessing unclassified documents.

Aditi Hardikar, Assistant Secretary for Management at the US Treasury Department, has said, 'Based on available indications, this incident was carried out by Advanced Persistent Thread (APT) sponsored by the Chinese government.'

Treasury Department wrote a letter to Congress.

According to a Treasury Department letter to the Senate Banking Committee leadership, hackers accessed keys used by the vendor to secure a cloud-based service used to provide remote technical support to Treasury Departmental Office (DO) end-users.

The Treasury Department said that BeyondTrust informed them about this security breach on December 8. Along with the US Cyber ​​Security and Infrastructure Security Agency (CISA) and the FBI, they are assessing the impact of the hackers.

CISA and FBI start investigating

According to the letter, CISA has been working with the Treasury Department as soon as it received information about the cyber attack, while other investigative agencies, including the FBI, were also informed as soon as concrete evidence of a security breach was found.

A US Treasury Department spokesperson told CNN that the hacked service has been taken offline and there are currently no indications that the hackers still have access to Treasury Department computers or any information.

According to CNN, Treasury Department officials will present a classified report of the entire matter to the House Financial Services Committee next week to assess the security breach. However, the timing of this meeting has not been set yet.

A cyber ​​attack done in early December

Meanwhile, a Johns Creek, Georgia-based BeyondTrust spokesperson told Reuters that the company identified a security incident related to its remote support product in early December this year and took measures to correct it. The spokesperson said that BeyondTrust informed a limited number of customers and officials involved in this. He said that BeyondTrust is supporting the investigation of the matter.