A Chinese state-sponsored hacker has penetrated the systems of the US Treasury Department, gaining access to employee workstations and some unclassified documents, officials said Monday.
The breach occurred in early December and was made public in a letter written by the Treasury Department to lawmakers notifying them of the incident.
In the letter, the Treasury Department said the China-based actor was able to override the security through a key used by a third-party service provider that offers remote technical support to its employees.
The US agency characterized the breach as a “major incident” and said it was working with the FBI and other agencies to investigate the impact.
The compromised third-party service — called BeyondTrust — has since been taken offline, officials said. They added that there was no evidence to suggest that the hacker had continued to access Treasury information since then.
Along with the FBI, the Department is working with the Cybersecurity and Infrastructure Security Agency and third-party forensic investigators to determine the overall impact of the breach.
Based on the evidence gathered so far, officials said the hack appears to have been carried out by a “China-based Advanced Persistent Threat (APT) actor.”
“In accordance with Treasury Department policy, intrusions due to APTs are considered a major cybersecurity incident,” Treasury officials wrote in their letter to lawmakers.
The ministry was notified of the hack on December 8 by BeyondTrust, a spokesman told the BBC. The agency immediately notified the law enforcement authorities.
The spokesman added that the hacker was able to remotely access several Treasury users' workstations and some unclassified documents that were stored by those users.
The ministry did not specify the nature of these files, nor when or for how long the hacking took place.
The spokesman said the Treasury “takes all threats against our systems and the data it holds very seriously” and that it would continue to work to protect its data from external threats.
China has been accused of espionage in the past by US officials. She regularly denies such accusations.