The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and law enforcement were alerted and are collaborating to assess the breach’s impact. Treasury officials have confirmed that the compromised service has been taken offline and that there is no evidence of continued access to Treasury systems or data. The incident has been classified as an advanced persistent threat (APT), a type of attack where intruders maintain undetected access over an extended period.
China’s foreign ministry strongly denied the accusations, labeling them “groundless” and claiming that Beijing opposes all forms of cyberattacks. The incident adds to ongoing tensions as U.S. authorities have repeatedly flagged Chinese government-backed cyber activity targeting key sectors such as government agencies, critical infrastructure, and private enterprises.
Past accusations have linked Chinese actors to notable breaches, including the Storm-0558 group’s intrusion into U.S. government email accounts in 2023 and the dismantling of the “Volt Typhoon” hacking network targeting critical infrastructure earlier this year. While investigations into the Treasury breach continue, the incident underscores the persistent challenges posed by state-sponsored cyber threats on global security.
Source: The Guardian
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.