Only the U.S. Treasury Department was confirmed by the Cybersecurity and Infrastructure Security Agency to have been compromised in a Chinese state-sponsored cyberattack that involved the exploitation of a breached BeyondTrust API key, reports The Hill.
Further investigation into better understanding and mitigating the intrusion alongside the Treasury Department and BeyondTrust is underway, according to CISA. "The security of federal systems and the data they protect is of critical importance to our national security. We are working aggressively to safeguard against any further impacts and will provide updates, as appropriate," said CISA. While the Treasury Department has committed to provide more information regarding the incident within 30 days, Treasury Secretary Janet Yellen has already been sought by incoming Senate Banking Committee Chair Tim Scott, R-S.C., and House Financial Services Committee Chair French Hill, R-Ark., to offer a briefing by Friday. Such a breach has been noted by the lawmakers to be "extremely concerning," with the agency tasked to handle tax information and other sensitive information that require robust protections against potential compromise by foreign adversaries.
