Chinese state-sponsored hackers breached the US Treasury Department and accessed the computers of top officials, including Secretary Janet Yellen, Deputy Secretary Wally Adeyemo, and Acting Under Secretary Brad Smith, according to two people familiar with the matter, quoted by Bloomberg.
The attackers accessed unclassified files, with around 50 files on Yellen’s machine being compromised.
Saif Ali Khan Health Update
As the news spread, Elon Musk mocked the official claiming that anyone could hack into her system. “A 12-year-old script kiddie could hack into Yellen’s computer. I doubt she knows how to reboot her WiFi router,” he said on X, quoting a post about the hack.
The breach, which was reportedly part of a broader attack on the Treasury, focused on the department’s role in sanctions, intelligence, and international affairs. The hackers did not penetrate Treasury’s email or classified systems, according to a Treasury report.
Treasury staff briefed congressional aides and lawmakers about the hack on Wednesday and Thursday, coinciding with the Senate Finance Committee’s confirmation hearing for Scott Bessent, President-elect Donald Trump’s nominee for Treasury secretary.
The Chinese operatives breached more than 400 laptop and desktop machines, accessing employee usernames, passwords, and over 3,000 files on unclassified personal devices. They also accessed sensitive data related to investigations run by the Committee on Foreign Investment in the US.
Investigators attributed the hack to a Chinese state-sponsored actor known as Silk Typhoon and UNC5221. The hackers prioritised document collection and operated outside of normal working hours to avoid detection.
The cyber attackers gained remote entry to multiple United States Treasury Department computers and non-classified files by breaching a third-party software vendor’s security, according to the agency’s statement on December 30.
In its disclosure letter to members of Congress about the security breach, the Treasury had not not specified the number of affected computers or the nature of accessed documents. However, it stated that “at this time there is no evidence indicating the threat actor has continued access to Treasury information.” The department confirmed that the cyber breach was under investigation as a “major cybersecurity incident.”
