Suspected Chinese Hackers Breach US Treasury Systems, Accessing Top Officials’ Computers

By Staff, Agencies

A suspected Chinese cyberattack infiltrated the US Treasury Department last December, gaining access to computers used by top officials, including Treasury Secretary Janet Yellen, according to Bloomberg News.

The breach targeted over 400 computers, exploiting a vulnerability in third-party software to bypass the network’s defenses, as previously reported to Congress. Among those affected were Yellen, Deputy Secretary Wally Adeyemo, and Acting Under Secretary Brad Smith.

Less than 50 files were accessed on Yellen's machine, sources familiar with the matter told Bloomberg.

US authorities identified the hacking group ‘Silk Typhoon’ or ‘UNC5221,’ which they believe is backed by the Chinese government. Beijing has denied any involvement in the breach.

The attack was detected by BeyondTrust, the company whose software allowed the infiltration. Hackers obtained a security key used by the vendor for remote support of Treasury systems.

Approximately 3,000 files were compromised, including sensitive data such as Treasury employee usernames. However, classified materials and email systems were not breached.

Investigators suggest the attackers were primarily interested in the department’s work on enforcing US-imposed economic sanctions.

In response, the Chinese government accused the US of using such incidents to undermine Beijing’s reputation and justify its sanctioning practices.