The US Treasury Department is blaming Chinese state-backed hackers for compromising its systems to access unclassified documents.
In a letter from the US Treasury Department to Congress, it is claimed that hackers compromised a third-party cybersecurity service provider to gain access.
According to the US Treasury Department, hackers gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices users.
Once they had the key, the hackers were able to override the service’s security, remotely access some user workstations, and access unclassified documents maintained by those users.
The cybersecurity provider, BeyondTrust, alerted the US Treasury Department to the compromise on 8 December.
The service has since been taken offline, and it is believed that there are no other compromises to the department’s security.