US Treasury says Chinese state-sponsored hackers stole documents in 'major cyber incident'

The US Treasury says Chinese hackers were able to steal documents in a major cyber attack in the early hours of Tuesday.

The US executive agency, responsible for promoting economic prosperity and ensuring Washington’s financial security says   the hackers were able to retrieve several unclassified documents after compromising a third-party software service provider.

The department did not provide details on how many workstations were breached or the nature and sensitivity of the documents stolen. In a letter sent to US lawmakers, the Department of the Treasury said “at this time there is no evidence indicating the threat actor has continued access to Treasury information”.

“Treasury takes very seriously all threats against our systems, and the data it holds”, said a spokesperson in a separate statement, adding that an investigation into the incident was launched to identify the nature of the breach and losses incurred.

The revelations comes as US officials continue to grapple with the fallout of a massive Chinese cyberespionage campaign, known as Salt Typhoon, which gave officials in Beijing access to private texts and phone conversation of an unknown number of Americans. At least nine telecommunications companies in the United States have been affected by the hack, according to a top White House official.

US officials first launched of the Salt Typhoon breaches on 8 December, when a third-party software provider, BeyondTrust, flagged the incident to them. BeyondTrust said hackers stole a key used by the vendor to “secure a cloud-based service used to remotely provide technical support to workers”. That key allowed the hackers to override the system, gaining remote access to several employees’ workstations.

The US Treasury