Two US Republican lawmakers are urging the Treasury Department to provide answers regarding a Chinese state-sponsored cyberattack that compromised employee workstations. In a Dec. 31, 2024, letter to Treasury Secretary Janet Yellen, Senator Tim Scott and Representative French Hill requested a full congressional briefing by Jan. 10, 2025, to address the breach.
Scott and Hill seek details on what information was accessed, how the hackers infiltrated Treasury systems, and the steps taken to prevent similar incidents in the future. They emphasized the severity of the breach, stressing that Treasury holds sensitive data such as tax information, business ownership records, and suspicious activity reports, which must be safeguarded from foreign adversaries.
The cyberattack, which occurred on Dec. 2, 2024, allowed hackers to access unclassified documents from Treasury employee workstations. The department confirmed that the breach was caused by a Chinese state-sponsored APT actor. Treasury officials indicated they would provide further details in a report within 30 days, as required by the Federal Information Security Modernization Act (FISMA).
China’s Denial
In response to the allegations, China denied involvement, with a government spokesperson stating, “We firmly oppose the US’s smear attacks against China without any factual basis.” Despite China’s denials, US lawmakers continue to push for answers and stronger cybersecurity protections.
Scott and Hill’s letter reflects growing concerns among lawmakers about cybersecurity within federal agencies. They have requested a detailed briefing on how the breach occurred, the data compromised, and the steps Treasury is taking to prevent future incidents. This breach adds to a pattern of increasing cyber threats targeting US government agencies, underscoring the need for stronger protections against foreign cyberattacks.
Author’s Opinion
The Treasury breach is a clear reminder that federal cybersecurity systems must be strengthened to protect sensitive data from foreign adversaries. The government must take action to prevent further attacks and ensure that such breaches do not compromise national security.
