On December 30, the US Treasury Department stated that Chinese state-sponsored hackers reportedly tracked down and stole unclassified documents from US Treasury workstations last month.
In a letter sent to Congress, the department noted:
“[The hackers] gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users.”
The letter continued:
“With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users.”
The Treasury Department highlighted its serious approach to “threats against our systems” and the “data it holds,” stating that it is currently investigating the security breach. The US Treasury added that it has "significantly bolstered" the nation's cyber defense and will continue to work with both private and public sector partners to protect the financial system from threat actors.
Since the news went viral, reactions on the internet have varied. For instance, X user @Gn10591059 commented on conservative political commentator Salty Goat’s post sharing a Fox News snippet of the story:
“When they saw our account balance, they logged out,” the user quipped.
Many people joined the conversation and shared similar reactions on the platform.
“Not only did my eyes roll but my entire head did,” a person wrote.
“Not surprised considering how ancient our physical and electronic security has become. Of course, our software is likely from the 80s as well,” one person wrote.
“They hacked themselves and kept the money like always!” wrote another.
Others continued to weigh in about the US Treasury cyberattack.
“Audit every employee for large deposits!” a netizen wrote.
“I'm with you. Next, billions unaccounted for!!...” a user wrote.
“I wonder what they have done that they are trying to cover up?” one netizen wrote.
“Maybe they deleted the national debt…” wrote another.
More about the US Treasury’s claim about being hacked by China
On Monday, the US Treasury Department claimed that China allegedly hacked its unclassified files and compromised a third-party cybersecurity service provider to gain access to its system in November 2024.
Describing it as a “major incident,” the US Treasury Department reported being alerted about the hack by the cybersecurity provider BeyondTrust on December 8, noting that the latter first saw suspicious activity six days before. They also mentioned that they were investigating the impact of the breach with the help of the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA).
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” a US Treasury spokesperson told AFP.
Meanwhile, Aditi Hardikar, the US Treasury's assistant secretary for management, directly blamed China in a letter to the US Senate Banking Committee. She added that the incident had been “attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”
For those unfamiliar with the term, an APT refers to a kind of cyberattack where the hacker maintains “undetected and unauthorized access to a target” for an extended period. Further details about the hack will be released soon by the US Treasury in a comprehensive public report.
In response to the accusation, the Chinese Embassy in Washington D.C. told the press that it firmly opposes the US's "smear attacks against China" that were without any "factual basis." Embassy representative Liu Pengyu added:
"The US needs to stop using cyber security to smear and slander China, and stop spreading all kinds of disinformation about the so-called Chinese hacking threats."
Mao Ning, China's foreign ministry spokeswoman, refuted the claims and told the media they were "baseless accusations lacking evidence."
"China consistently opposes all forms of hacking and firmly rejects the dissemination of false information targeting China for political purposes."
Notably, in September 2024, the US Department of Justice stated that it had stopped a Chinese-backed cyberattack network that targeted 200,000 devices globally.
Earlier this month, the US also sanctioned a Chinese cybersecurity company alongside a research scholar in connection with a 2020 cyberattack. The attack reportedly tried to “exploit a computer software vulnerability in company firewalls,” as per Al Jazeera.
Last week, the Biden administration claimed that the number of U.S. telecommunication companies hacked in the China-linked Salt Typhoon breach had increased to nine. It further stated that authorities were working to recover from the breach and "kick out" the Volt Typhoon group.
Reportedly, this group has monitored routers, firewalls, and VPS vulnerabilities in the US across the water, transportation, energy, and communications sectors and was able to gain access to lawmakers' phone and text communications.
In response, China denied all involvement and claimed it was against all kinds of cyberattacks. Meanwhile, US President-elect Donald Trump has continued to warn China against trade wars and tariffs concerning the entry of the opioid fentanyl into the US.