ATLANTA – Chinese hackers remotely accessed multiple U.S. Treasury Department workstations and unclassified documents after compromising a third-party software services provider, the agency said Monday.

The department did not say how many workstations were accessed or what type of documents the hackers may have obtained, but said in a letter to lawmakers disclosing the breach that “there is currently no evidence that The threat actor continued to access Treasury Department information.” It said the hack was being investigated as a “serious cybersecurity incident.”

“Treasury takes all threats to our systems and the data stored therein very seriously,” a department spokesman said in a separate statement. “Over the past four years, Treasury has significantly strengthened its cyber defenses, and we will continue to work with private and public sector partners to protect our financial system from threat actors.”

TRENDING STORIES:

The Treasury Department said it learned of the problem on Dec. 8 when service provider BeyondTrust alerted that hackers had stolen a key “that the provider used to secure a cloud-based service used to provide access to employees from the “Remote technical support should be provided”. This key helped the hackers bypass the service’s security and gain remote access to multiple employee workstations.

BeyondTrust is based in Johns Creek and says on its website that it “fights every day to secure identities, intelligently eliminate threats and provide dynamic access to strengthen and protect organizations around the world.”

The revelation comes as U.S. officials continue to grapple with the fallout from a massive Chinese cyberespionage campaign called Salt Typhoon, which gave officials in Beijing access to private text messages and phone conversations of an unknown number of Americans. A senior White House official said Friday that the number of telecommunications companies confirmed to have been affected by the hack has now risen to nine.

The compromised service has since been taken offline and there is no evidence that the hackers still had access to ministry information, Aditi Hardikar, a deputy finance minister, said in Monday’s letter to Senate Banking Committee chairmen.

The department said it was working with the FBI, the Cybersecurity and Infrastructure Security Agency and others to investigate the impact of the hack and that the hack had been attributed to state-sponsored Chinese perpetrators. No further details were given.

The Associated Press contributed to this article.

©2024 Cox Media Group