US Treasury Department Admits It Got Hacked by China

Category: Cybersecurity

The US Treasury Department experienced a cybersecurity breach attributed to a China state-sponsored APT actor, allowing hackers to access certain unclassified documents. The breach was facilitated through vulnerabilities in BeyondTrust's remote tech support software, leading to the theft of an authentication key. The Treasury is collaborating with the FBI and other agencies to assess the situation, while BeyondTrust has acknowledged the incident affecting a limited number of its customers.

Keywords: US Treasury, cybersecurity breach, BeyondTrust

Source: WIRED

Update At: 12/31/2024

Related Sources

US Treasury says it was hacked by China in 'major incident'

The US Treasury Department reported a major cybersecurity incident involving a hack attributed to China-based actors, which allowed access to employee workstations and unclassified documents. China denied the allegations, calling them baseless. The breach was linked to a third-party service provider, BeyondTrust, which has since been taken offline. The incident is part of a series of high-profile hacks attributed to Chinese state-sponsored hackers, raising concerns over cybersecurity in the US.

BBC News

Chinese hackers access U.S. Treasury Department workstations, obtain unclassified documents

Chinese hackers accessed U.S. Treasury Department workstations and unclassified documents through a compromised third-party software provider. The Treasury is investigating the incident, which is classified as a major cybersecurity breach. China has denied involvement, while U.S. officials are dealing with the repercussions of a broader cyberespionage campaign. The Treasury Department is collaborating with the FBI and cybersecurity agencies to address the breach.

CBS News

U.S. Treasury says its computers were hacked by a Chinese 'threat actor' in 'major incident'

A state-sponsored Chinese hacking operation accessed third-party software to infiltrate U.S. Treasury employees' desktop computers, leading to a significant security breach. The Treasury Department confirmed that unclassified documents were accessed and is collaborating with various agencies to assess the incident's impact. The compromised service has been taken offline, and there is no evidence of continued access to Treasury systems.

NBC News

Steven Hernandez Appointed Chief Information Security Officer at USAID - HS Today

Steven Hernandez has been appointed as the Chief Information Security Officer (CISO) at USAID, also taking on roles as Deputy Chief Information Officer and Chief Privacy Officer. He previously served as CISO at the U.S. Department of Education and has been influential in federal cybersecurity strategy as co-chair of the Federal Chief Information Security Officer Council. Hernandez is also an advocate for cybersecurity education and holds an MBA in Information Assurance.

HSToday

North Korea is likely behind the $1.5bn Bybit hack, researchers say

Hackers linked to North Korea are suspected of executing a $1.5 billion hack on the crypto exchange Bybit, with connections to previous hacks attributed to the Lazarus Group. Security researchers have identified similarities in the methods used, indicating a pattern of North Korean cybercrime aimed at funding the regime's nuclear program. The incident raises concerns about the recovery of the stolen assets, as North Korea's involvement could complicate efforts to trace and reclaim the funds.

DL News

Club Connect: Meet the…Stockton Cybersecurity Warriors

Stockton Cybersecurity Warriors (SCW) is a club for individuals interested in cybersecurity and hacking, welcoming members from all majors who have a desire to learn. The club participates in events like the Hackathon and hosts workshops to enhance members' skills and knowledge.

Stockton University

AT&T Hacked: Nearly All Text and Phone Records Obtained By Hacker

AT&T reports a significant hack where call and text records of 'nearly all' wireless customers were compromised. The data obtained does not include personal information but contains telephone numbers, call durations, and communication frequency. AT&T is cooperating with law enforcement to address the incident.

The Hollywood Reporter

AT&T says hackers stole records of nearly all cellular customers' calls and texts

Hackers stole six months' worth of call and text message records of nearly every AT&T cellular network customer. The data breach did not compromise the content of the calls and messages, but it included phone numbers. AT&T has taken cybersecurity measures and is assisting law enforcement in apprehending the hackers.

NBC News

AT&T says hacker stole some data from 'nearly all' wireless customers - ABC News

AT&T announced that a hacker stole records of calls and texts from nearly all of AT&T’s wireless customers. The stolen data does not contain personal information. AT&T has taken additional cybersecurity measures and is working with law enforcement to address the incident.

ABC News - Breaking News, Latest News and Videos

AT&T data breach: Customers' text, call records from 2022 exposed

AT&T disclosed a massive breach where call and text records of its cellular customers were illegally downloaded from a third-party cloud platform. The compromised data includes records from May 1, 2022, to Oct. 31, 2022, for most customers, and from January 2, 2023, for a few. The data does not contain personal information but may allow linking numbers to names.

USA Today