China denied any involvement in a major cyberattack that penetrated the U.S. Treasury Department and allowed hackers to obtain unclassified documents through a third-party cybersecurity provider.
In a Dec. 30 letter to lawmakers, U.S. Treasury Department officials said the breach was discovered on Dec. 8. Preliminary investigations suggested that a Chinese state-sponsored hacking group was the perpetrator, identified as Advanced Persistent Threat (APT).
The hackers exploited a vulnerability in a remote support service provided by cybersecurity company BeyondTrust, gaining unauthorized access to treasury workstations.
The compromised service was used to provide technical support to Treasury Department employees. By obtaining a key that secured cloud-based services, the attackers were able to bypass security measures and access sensitive documents stored on the systems.
BeyondTrust said the breach first…
