Lawmakers are demanding explanations following a significant cybersecurity breach at the U.S. Treasury Department, attributed to Chinese state-sponsored hackers. This incident, described as a "major event," involved unauthorized access to employee workstations and unclassified documents through a compromised third-party service provider, BeyondTrust.

The Treasury Department was alerted to the breach on December 8, after BeyondTrust detected suspicious activity starting on December 2. It took several days for BeyondTrust to confirm that a hack had occurred.

Hackers exploited a security key associated with BeyondTrust, which provided remote technical support to Treasury employees. This allowed them to bypass security measures and gain access to multiple user workstations.

While specific details regarding the number of affected workstations and the nature of the accessed documents remain undisclosed, the Treasury emphasized that there is currently no evidence suggesting ongoing access by the hackers.

GOP lawmakers, including Senator Tim Scott and Representative French Hill, have expressed alarm over the breach's implications for national security. They have formally requested a hearing with Treasury Secretary Janet Yellen to discuss how such a significant breach could occur and what measures are being taken to prevent future incidents.

In response to the allegations, a spokesperson for the Chinese embassy in Washington dismissed the claims as unfounded and part of a "smear campaign." They emphasized that attributing cyberattacks can be complex and urged for a professional approach towards cybersecurity discussions.

The Treasury Department is collaborating with the FBI and other cybersecurity agencies to assess the breach's full ramifications. A follow-up report detailing their findings is expected within 30 days.

This incident adds to growing concerns about cybersecurity threats posed by state-sponsored actors and highlights the vulnerabilities within federal information systems.

ANI