The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced today that last week’s Treasury Department cyberattack, attributed to Chinese government hackers, did not affect other federal agencies.
“At this time, there is no indication that this incident has impacted any other federal agencies,” CISA said, adding that it continues to monitor and coordinate the response with federal authorities.
The Treasury disclosed the breach on December 8, revealing that attackers exploited a stolen Remote Support SaaS API key to compromise a BeyondTrust instance. The intrusion, labeled a “major cybersecurity incident,” specifically targeted the Office of Foreign Assets Control (OFAC), likely to gather intelligence on potential U.S. sanctions against Chinese entities. Hackers also breached the Office of Financial Research, though officials said there’s no evidence they maintained access after securing the BeyondTrust instance.
CISA reaffirmed the critical importance of safeguarding federal systems and vowed aggressive efforts to prevent further impacts, promising updates as new information emerges. The attack highlights ongoing cybersecurity threats and the need for strong defenses against state-sponsored actors.
