The US Treasury says some computers were breached by China-backed hackers

• The US Treasury has been hacked by China-backed actors in what the agency called a “major cybersecurity incident.”
• Hackers accessed “certain unclassified documents” through Treasury workstations, wrote a Treasury official.
• The US is also probing years-long hacking from China. Microsoft named the group “Salt Typhoon.”

China-backed hackers have accessed some US Treasury Department computers, the agency told Congress in a letter on Monday.

The Treasury learned of the hacking on December 8 when BeyondTrust, a third-party software provider, notified the agency that a hacker had gained access to a key used by BeyondTrust to get into a cloud-based service that provided remote technical support.

Aditi Hardikar, the Treasury’s assistant secretary for management, wrote in the agency’s letter that the hackers accessed “certain unclassified documents” through Treasury workstations.

The breach is considered a “major cybersecurity incident,” wrote Hardikar. The hackers do not still have access to the agency’s information, per her letter.

The Chinese embassy in Washington DC hit back at the accusation, saying in a statement to Bloomberg that the US was making “smear attacks against China without any factual basis.”

“The US needs to stop using cybersecurity to smear and slander China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threat,” added the Chinese embassy.

The embassy did not immediately respond to a Business Insider request for comment outside regular business hours.

A BeyondTrust spokesperson told BI that a “limited number of customers” were involved in the security incident. The customers have been notified and offered support, he added.

Georgia-based BeyondTrust holds over $4 million worth of federal government contracts, according to a Bloomberg compilation of government data.

The news of the Treasury’s hacking comes as the US government continues to probe what US security officials say is a a years-long hacking campaign that originates in China.

The investigation started in the summer following alerts from Microsoft, which named the hacker group Salt Typhoon.

White House Deputy national security advisor Anne Neuberger told reporters earlier this month that while data belonging to millions of Americans was likely compromised, the hack targeted senior US officials.

“We believe the calls they recorded and took was really more focused on very senior political individuals,” she said.