Chinese hackers breach US treasury network, gain access to some files
www.theguardian.com
Third-party cybersecurity provider was compromised after hackers obtained key to override certain systems

Summary

A Chinese state-sponsored hacker group breached the U.S. Treasury Department by exploiting a vulnerability in the third-party cybersecurity provider BeyondTrust.

The attackers used a stolen key to override security measures, accessing departmental workstations and unclassified documents.

The Treasury Department, alerted on December 8, reported no evidence of ongoing access.

The department is working with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI to investigate the breach, which highlights risks tied to third-party software vulnerabilities.