From PC Mag: A China-backed threat actor accessed workstations and unclassified documents of US Treasury Department employees, The New York Times reports.
In a letter to Senate Banking Committee leaders on Monday, Treasury said it was notified of the cyberattack on Dec. 8 by BeyondTrust, a third-party software service provider.
Hackers stole a security key used by the vendor to provide remote technical support to Treasury Departmental Offices (DO) end users, which they used to "override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users," Aditi Hardikar, Assistant Secretary for Management at the Treasury Department, wrote to Sens. Sherrod Brown and Tim Scott.
"The compromised BeyondTrust service has been taken offline, and at this time, there is no evidence indicating the threat actor has continued access to Treasury information," Hardikar adds.
View: Full Article
