The US Treasury Department said it had been a victim of a cyberattack by state-sponsored Chinese hackers. In a letter shared with US lawmakers (via TechCrunch), the Treasury said the hackers managed to gain remote access to employee workstations and unclassified documents.
The weak link was a third-party software provider, BeyondTrust. The company said the hackers gained access to a security key from their database. Using the key, the hackers managed to get remote access to user workstations that contained unclassified documents. The service is now offline.
The Treasury is working closely with CISA, FBI, and other intelligence agencies to determine the scope of the attack. The Treasury wrote that based "on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor."
According to Bloomberg, a Chinese Foreign Ministry spokesperson said the claims were "unwarranted and groundless."
In a press conference in Beijing, spokeswoman Mao Ning told reporters that China opposed "all forms of hacking, and in particular, we oppose spreading China-related disinformation motivated by political agenda."