Chinese State-Backed Hackers Breach US Treasury Department Systems in Major Cybersecurity Incident

In a significant cybersecurity breach, the U.S. Treasury Department has confirmed that Chinese state-sponsored hackers successfully infiltrated several of its workstations through a third-party security provider. The incident, reported to Congress through an official letter, marks another concerning development in state-level cyber warfare.

The sophisticated cyber operation, which occurred in early 2025, exploited vulnerabilities in BeyondTrust, a cybersecurity service provider contracted by the Treasury. The breach enabled unauthorized remote access to Treasury workstations and various unclassified documents, according to department officials.

Upon discovering the intrusion, Treasury officials promptly engaged the Cybersecurity and Infrastructure Security Agency (CISA) and initiated collaboration with law enforcement partners to assess the extent of the breach. The Treasury’s swift response included taking the compromised BeyondTrust service offline to prevent further unauthorized access.

In their communication to the Senate Banking Committee leadership, Treasury officials explicitly attributed the cyber intrusion to a Chinese state-sponsored Advanced Persistent Threat (APT) actor. While the full scope of the breach remains under investigation, officials have confirmed that there is no evidence suggesting ongoing unauthorized access to Treasury systems or data.

The Treasury Department has announced plans to release a detailed supplemental report providing additional information about the incident’s impact and the measures taken to enhance security protocols.

