Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Hackers Breach US Treasury Workstations

December 31, 2024
Reading Time: 2 mins read
in Incidents
Hackers Breach US Treasury Workstations

Chinese hackers have successfully breached U.S. Treasury Department workstations by exploiting a vulnerability in a cloud-based service operated by BeyondTrust. The incident, which was described as a “major cybersecurity event,” unfolded when a key used by BeyondTrust to secure a remote support service was compromised. With this stolen key, the hackers bypassed security measures and were able to remotely access Treasury Department workstations and unclassified documents. The full scope of the breach remains unclear, with no information provided regarding the number of affected workstations or the specific documents accessed.

The breach was first detected on December 8, 2024, when BeyondTrust alerted the Treasury Department about the compromised key. The hackers’ access allowed them to infiltrate certain departmental offices (DO) and retrieve sensitive data. While the Department of the Treasury did not provide further specifics on the impact of the breach, it has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor. This incident highlights the growing risks posed by cyber espionage campaigns targeting government institutions and critical infrastructure.

Following the discovery of the breach, the Treasury Department engaged with key U.S. cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and various intelligence bodies, to assess the damage and secure its systems. CISA was immediately brought in to help characterize the incident and determine the full extent of the compromise. Meanwhile, BeyondTrust worked to mitigate the issue by revoking the compromised key, patching the vulnerability, and alerting its affected clients. The compromised cloud service has since been taken offline to prevent further unauthorized access.

This attack comes amidst growing concerns over Chinese cyberespionage activities, particularly in light of the ongoing Salt Typhoon campaign, which has resulted in breaches across multiple sectors. The Salt Typhoon campaign has already been linked to the theft of private communications, including text messages and phone conversations, from several telecommunications companies. As the U.S. government continues to investigate these incidents, the breach at the Treasury Department serves as a stark reminder of the persistent and evolving threat posed by nation-state actors in the realm of cybersecurity.

Reference:
  • Chinese Hackers Breach US Treasury Workstations via Compromised API Key
Tags: BeyondTrustcyber incidentsCyber Incidents 2024CyberattackDecember 2024HackersVulnerabilities
ADVERTISEMENT

Related Posts

German Dealer Leymann Hacked Closes Stores

Massive Leak Exposes 16 Billion Credentials

June 20, 2025
German Dealer Leymann Hacked Closes Stores

Chinese Spies Target Satellite Giant Viasat

June 20, 2025
German Dealer Leymann Hacked Closes Stores

Tonga Health System Down After Ransomware

June 20, 2025
German Dealer Leymann Hacked Closes Stores

German Dealer Leymann Hacked Closes Stores

June 20, 2025
UBS and Pictet Hit By Vendor Data Breach

Hacker Mints $27M From Meta Pool Gets 132K

June 19, 2025
UBS and Pictet Hit By Vendor Data Breach

UBS and Pictet Hit By Vendor Data Breach

June 19, 2025

Latest Alerts

Winos 4.0 Malware Hits Taiwan Via Tax Phish

New Amatera Stealer Delivered By ClearFake

New Godfather Trojan Hijacks Banking Apps

Fake Minecraft Mods On GitHub Spread Malware

Fake Invoices Deliver Sorillus RAT In Europe

Russian Phishing Scam Bypasses Google 2FA

Subscribe to our newsletter

    Latest Incidents

    Massive Leak Exposes 16 Billion Credentials

    Tonga Health System Down After Ransomware

    Chinese Spies Target Satellite Giant Viasat

    German Dealer Leymann Hacked Closes Stores

    Hacker Mints $27M From Meta Pool Gets 132K

    UBS and Pictet Hit By Vendor Data Breach

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial