The US Treasury Department has confirmed that Chinese state-sponsored hackers infiltrated its systems earlier this month, gaining access to employee workstations and some unclassified documents. The breach was described as a "major incident" by Treasury officials, who alerted lawmakers about the hack through a letter on Monday.

The attack was traced to China-based Advanced Persistent Threat (APT) actors who exploited a vulnerability in a third-party service provider, BeyondTrust, which offers remote technical support to employees. The hackers were able to override security protocols using a key associated with this service. The compromised service has since been taken offline, and there is no evidence to suggest the hackers maintained access after this action.

The Treasury Department has been working closely with the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and third-party forensic investigators to assess the full scope of the breach. The investigation is ongoing, but initial findings point to espionage motives rather than an attempt to steal funds. The hackers are believed to have been seeking sensitive information rather than engaging in financial theft.

While the department did not disclose the specifics of the unclassified documents accessed or the individuals involved, the breach is being taken very seriously, with officials pledging continued efforts to protect sensitive data from future cyber threats.

China has vehemently denied any involvement in the cyber attack. The Chinese Foreign Ministry described the allegations as "baseless" and "politically motivated." A spokesperson for the Chinese embassy in Washington called the accusation a "smear attack" and criticized the United States for spreading misinformation.

This breach marks the latest in a series of high-profile cyberattacks attributed to Chinese espionage actors, following a similar hack in December targeting telecommunications companies. The attack raised concerns about the security of phone record data across the United States.

The Treasury Department has committed to providing a supplemental report on the incident to lawmakers within the next 30 days.