The U.S. Treasury Department confirmed it was hacked in early December by state-sponsored actors from China, revealing the breach in a letter to lawmakers. Officials characterized the incident as a "major event," resulting from a security oversight involving a key from BeyondTrust, a third-party service provider. This key allowed remote access to Treasury systems, leading to unauthorized access of multiple employee workstations and certain unclassified documents.

The hack was discovered on December 8, after BeyondTrust alerted the Treasury. While there has been no evidence of ongoing intrusion, the department is collaborating with the FBI, Cybersecurity and Infrastructure Security Agency, and private forensic experts to assess the damage and secure their networks.

Despite the intrusion, officials stressed their commitment to safeguarding sensitive information against external threats. The Treasury's notification highlighted the seriousness of the breach attributed to "a China-based Advanced Persistent Threat (APT)," underscoring ongoing tensions surrounding cybersecurity with China, which has historically denied accusations of espionage.

As the story develops, updates are anticipated. For real-time alerts, users can follow relevant news outlets.