The US Department of the Treasury has confirmed a security breach involving unauthorized access to its systems, attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.
On December 8, the Treasury was alerted by BeyondTrust about a stolen key for remote support, allowing a threat actor potential access to various departmental systems.
After the compromise of the BeyondTrust API key, the service was immediately taken offline, yet for a period, the attackers could have accessed unclassified files.
An internal letter from the Treasury stated that details surrounding the breach would be shared within 30 days, as major cybersecurity incidents require thorough reporting.
Collection
[
|
...
]