WASHINGTON—Chinese hackers remotely breached the U.S. Treasury Department earlier this month, stealing documents from its workstations, according to a letter the agency sent to lawmakers on Monday. The Treasury Department described the breach as a “major incident.”
On Dec. 8, Chinese state-sponsored hackers compromised a third-party software service provider, Beyond Trust, accessing certain unclassified documents, according to the letter by Aditi Hardikar, an assistant Treasury secretary.
The letter stated that the hackers gained “access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users. With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”...
