CISA says ‘no indication’ other US government agencies affected in Treasury hack

News
By
published

CISA is still monitoring for possible future impacts

China US flags cropped
(Image credit: Medium)
  • The US Treasury Department suffered a cyberattack in late 2024
  • CISA has confirmed it does not believe any other agencies were affected
  • The hack has been attributed to a Chinese threat actor

The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that there is currently ‘no indication’ that any other federal government agencies were impacted by the recent suspected state-sponsored hack against the US Treasury Department.

The December 2024 hack was declared a ‘major incident’, as key systems were left vulnerable, with the attack resulting in stolen documents and breached systems, and an initial agency assessment concluding the attack was carried out by a ‘China-based Advanced Persistent Threat Actor’, officials said.

By compromising third-party security provider BeyondTrust, attackers were able to gain remote access used by the vendor to override some Treasury Department systems, but despite BeyondTrust supplying security solutions for multiple agencies such as CISA, NSA, and NIST, the Treasury seems to be the only compromised department.

A combined effort

The breach was short lived, with suspicious activity first spotted on December 2, and the Treasury was notified by BeyondTrust on December 8. The Treasury is required by law to provide an update within 30 days, so more details about the nature of the stolen files is likely to be revealed later this month.

China has of course denied any involvement with the breach, and has confirmed the state ‘consistently opposes all forms of hacking and firmly rejects the dissemination of false information targeting China for political purposes’.

“CISA is working closely with the Treasury Department and BeyondTrust to understand and mitigate the impacts of the recent cybersecurity incident,” the agency confirmed in a statement.

“At this time, there is no indication that any other federal agencies have been impacted by this incident. CISA continues to monitor the situation and coordinate with relevant federal authorities to ensure a comprehensive response.”

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

Read more
China
US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack
An American flag flying outside the US Capitol building against a blue sky
More alleged Chinese intrusions into the US Treasury revealed
An American flag flying outside the US Capitol building against a blue sky
Chinese cybersecurity firm sanctioned by US Treasury over alleged links to Salt Typhoon hackers
China
US Government officials urged to lock down devices amid telecoms breach
A digital themed isometric showing a neon padlock in the foreground, and a technological diagram of a processor logic board in the background.
CISA tells agencies to patch BeyondTrust bug now
China
Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks
Latest in Security
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
Red padlock open on electric circuits network dark red background
AI-powered cyber threats are becoming the biggest worry for businesses everywhere
Woman using iMessage on iPhone
Apple to take legal action against British Government over backdoor request
Red padlock open on electric circuits network dark red background
Aviaton firms hit by devious new polyglot malware
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
Image of laptop infected with malware
Ransomware criminals are now sending their demands...by snail mail?
Latest in News
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike
An Nvidia GeForce RTX 5070
Nvidia confirms that an RTX 5070 Founders Edition is coming... just not on launch day
More about security
Webex by Cisco banner on a Chromebook

Cisco warns some Webex users of worrying security flaw, so patch now
Image of laptop infected with malware

Ransomware criminals are now sending their demands...by snail mail?
Volkswagen ID.EVERY1 Concept Car

Volkswagen reveals the ID.1 concept car, which will spawn its cheapest all-electric model to date
See more latest
Most Popular
Volkswagen ID.EVERY1 Concept Car
Volkswagen reveals the ID.1 concept car, which will spawn its cheapest all-electric model to date
Eurocom Raptor X17
This $12,000 laptop comes with 24TB RAID-0 SSD storage, 128GB of RAM, and Intel's most powerful mobile CPU - but no Nvidia RTX 5090M GPU
BYD Ling Yuan DJI Drone launcher
BYD’s new roof-mounted DJI drone launchpad looks like a dream for filming road trips – but less so for car safety
An AI face in profile against a digital background.
'Simulating scientists': A new AI tool wants to make serendipitous scientific discovery less human
A hand holding a phone showing the Android Find My Device network
Android's Find My Device can now let you track your friends – and I can't decide if that's cool or creepy
Webex by Cisco banner on a Chromebook
Cisco warns some Webex users of worrying security flaw, so patch now
A YouTube Premium promo on a laptop screen
A cheaper YouTube Premium Lite plan just rolled out in the US – but you’ll miss out on these 4 features
Viaim RecDot AI true wireless earbuds
These AI-powered earbuds can also act as a dictaphone with transcription when left in their case
Insta360 X4 360 degree camera without lens protector
Leaked DJI Osmo 360 image suggests GoPro and Insta360 should be worried – here's why
The socket interface of the Intel Core Ultra processor
Intel unveils its most powerful AI PCs yet - new Intel Core Ultra Series 2 processors pack in vPro for lightweight laptops and high-performance workstations alike