In December 2024, the U.S. Treasury Department was breached by state-sponsored Chinese hackers in a significant cyberattack. The hackers used a stolen security key from BeyondTrust, a cybersecurity vendor, to gain remote access to Treasury workstations and unclassified documents.
BeyondTrust detected the breach on December 8 and promptly informed the Treasury. The affected systems were taken offline, and investigations by the FBI and Cybersecurity and Infrastructure Security Agency are ongoing. No evidence of continued unauthorized access has been found.
The Chinese Embassy denied involvement, calling the accusations unfounded, but experts suggest the tactics align with previous Chinese cyber-espionage efforts. This attack adds to a series of recent intrusions attributed to Chinese hackers targeting U.S. government and private entities, including email breaches of senior officials and telecom networks.
The Treasury is working with law enforcement and cybersecurity agencies to assess the damage and strengthen defenses.
