The Treasury Department was breached by a China-sponsored actor earlier this month, officials told Congress in a letter on Monday.
The “major” breach was achieved by gaining access to a third-party cybersecurity service Treasury used, called BeyondTrust, they said.
The actor then accessed Treasury workstations and “certain unclassified documents” on them, department officials said in a letter to the Senate Banking Committee.
The threat actor was able to “override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users,” the letter said.
Treasury has ceased use of BeyondTrust since discovering the incident.
“The compromised BeyondTrust service has been taken offline and there is no evidence indicating the threat actor has continued access to Treasury systems or information,” according to a Treasury Department spokesperson.
The department has been working with the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) as well as the intelligence community to “fully characterize …