Chinese state-sponsored hackers infiltrated the U.S. Treasury Department's systems, accessing unclassified files on Treasury Secretary Janet Yellen's computer, as well as those of Deputy Secretary Wally Adeyemo and Acting Under Secretary Brad Smith. The breach, identified on December 8, 2024, occurred through a compromised third-party cybersecurity provider, BeyondTrust. Hackers obtained a security key from BeyondTrust, enabling remote access to multiple Treasury workstations.
Investigations revealed that the attackers accessed over 3,000 unclassified files across more than 400 Treasury computers, including sensitive information related to sanctions and the Committee on Foreign Investment in the U.S. The Treasury Department has classified this incident as a "major cybersecurity incident" and is collaborating with the FBI and the Cybersecurity and Infrastructure Security Agency to assess the breach's impact. China's foreign ministry has denied involvement, stating opposition to all forms of cyberattacks.
