China Denies, U.S. Investigates—Treasury Hack Sparks Tensions

us treasury hacked china

Chinese Hackers Hit U.S. Treasury – But the Fallout Remains Unclear

Chinese hackers broke into several U.S. Treasury Department workstations, getting access to unclassified documents, according to officials. The breach was traced back to a third-party software service provider—an entry point that remains a weak link in cybersecurity defenses.

The department hasn’t said exactly how many workstations were accessed or what documents were stolen, but a letter sent to lawmakers about the incident noted: “At this time, there is no evidence indicating the threat actor has continued access to Treasury information.” Officials are treating this as a “major cybersecurity incident.”

Cybersecurity on High Alert

A Treasury spokesperson reassured the public, stating that the department takes threats against its systems “very seriously.” Over the last four years, it claims to have ramped up cybersecurity defenses, working with both public and private sectors to keep financial data secure.

China’s response? The usual. Foreign Ministry spokesperson Mao Ning dismissed the allegations, calling them “groundless” and repeating that China “opposes all forms of hacking.” Beijing has long denied accusations of cyber espionage, framing them as politically motivated.

A Growing Cyber Threat

This latest breach comes as the U.S. deals with an even larger cyber espionage campaign, Salt Typhoon, which let Chinese hackers intercept private messages and calls from an unknown number of Americans. As of Friday, officials confirmed at least nine telecommunications companies were compromised.

How the Breach Happened

The Treasury Department found out about the intrusion on Dec. 8 when the software provider BeyondTrust reported that hackers had stolen a security key. That key allowed them to bypass protections and remotely access employee workstations.

Since then, the compromised service has been shut down. Officials say there’s no sign the hackers still have access, but the incident raises questions about the security of third-party vendors that handle sensitive government systems.

The FBI, Cybersecurity and Infrastructure Security Agency, and others are still investigating. Treasury officials have linked the attack to Chinese state-backed hackers but haven’t shared further details.

For now, the biggest concern remains: How deep did they get, and what comes next?

us treasury hacked china