Treasury Breached: Chinese Hackers Access U.S. Financial Data

Chinese intelligence has breached the U.S. Department of the Treasury, gaining access to employee workstations and unclassified documents, the Biden administration reported. This incident marks yet another link in a chain of significant cyberattacks targeting American institutions.

According to the Treasury Department, the attackers exploited a stolen security key, granting remote access to specific workstations. The hackers have been identified as operatives of a Chinese state-sponsored group, and the event has been classified as a “major cyber incident.”

While the precise objectives of the attack remain unclear, it is presumed to have been an espionage operation. Senior officials confirmed that it did not involve attempts to inject malicious code into U.S. infrastructure, as has occurred in previous cases.

The U.S. Treasury Department plays a pivotal role in the international financial system and monitors sanctions imposed on Chinese companies, including those supporting Russia in its war against Ukraine. Such data is of substantial interest to Beijing.

This breach comes amid a backdrop of other major cyber intrusions. Previously, the Salt Typhoon group infiltrated nine American telecommunications companies, accessing text messages, phone calls, and surveillance target lists. This raised alarms that Beijing might uncover which of its operatives are under U.S. surveillance.

The Treasury Department assured that, in collaboration with the FBI and other agencies, it has mitigated the impact of the breach. The compromised service has been decommissioned, and there is no evidence of ongoing access. A more detailed report is set to be presented to Congress.

China has denied the allegations, calling them baseless, and reiterated its opposition to cyberattacks. Concurrently, the U.S. Department of Commerce announced a ban on the remaining operations of China Telecom within the country.