We support our Publishers and Content Creators. You can view this story on their website by CLICKING HERE.

The breach ‘raises serious questions about the protocols for safeguarding sensitive federal government information,’ the lawmakers stated.

Two top Republican lawmakers are seeking answers from Treasury Secretary Janet Yellen after a recent disclosure that China’s state-sponsored hackers breached her department.

“This breach of federal government information is extremely concerning,” wrote Sen. Tim Scott (R-S.C.), ranking member of the Senate Banking Committee, and Rep. French Hill (R-Ark.), vice chair of the House Financial Services Committee, in their letter to Yellen on Dec. 31.

“As you know, Treasury maintains some of the most highly sensitive information on U.S. persons throughout government, including tax information, business beneficial ownership, and suspicious activity reports.

“This information must be vigilantly protected from theft or surveillance by our foreign adversaries, including the Chinese Communist Party [CCP], who seek to harm the United States.”

The Treasury made public the Chinese hack on Dec. 30 in a letter sent by Assistant Secretary of the Treasury for Management Aditi Hardikar to the Senate Banking Committee. Hardikar said the breach occurred on Dec. 8 and attributed the hackers to a “China state-sponsored Advanced Persistent Threat (APT) actor.”

The threat actor stole documents from Treasury workstations after compromising a third-party software service provider called BeyondTrust, Hardikar said, describing the event as a “major cybersecurity incident.”

Related Stories

US Moves to Secure Supply Chain for Drones as Chinese Devices Remain Under Scrutiny
Taiwanese President Warns Citizens Against Chinese ID Cards

“As such, the fact that a CCP-sponsored APT actor was able to access Treasury’s information systems is unacceptable and raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents,” the two lawmakers wrote.

In her letter, Hardikar said the Treasury will send a “supplemental report” in 30 days.

Nonetheless, the two lawmakers asked for a briefing before Jan. 10. They requested information such as the name of the Chinese APT actor responsible for the breach, the type and extent of information accessed by the actor, and whether the Treasury was aware of any cybersecurity vulnerabilities related to all of the software it used before the hack.

The two lawmakers also wanted to know if the Treasury has any plans to prevent a similar hack from happening again.

The Treasury breach occurred when U.S. officials were still determining the extent of the cybersecurity breach from another Chinese APT group called Salt Typhoon, which has been conducting extensive espionage since 2022.

In late December, a White House official announced that another telecom company was affected by Salt Typhoon, bringing the total to nine, including AT&T, Verizon, and CenturyLink. The group is known to have successfully targeted President-elect Donald Trump, Vice President-elect JD Vance, and Vice President Kamala Harris.
Several other Chinese state-sponsored threat actor groups have also targeted the United States in recent years. For example, Volt Typhoon began targeting a wide range of networks across U.S. critical infrastructure in 2021.
In September, the Justice Department announced that the FBI had taken down a botnet associated with Flax Typhoon, a threat group operating through the Beijing-based Integrity Technology Group. The botnet consisted of more than 200,000 consumer devices—such as network cameras, video recorders, and home and office routers—in the United States and elsewhere.
A November report released by the House Committee on Homeland Security found that the average cost of a data breach in the United States was $9.36 million, nearly twice the global average.
Some Republicans on the House Select Committee on the CCP have said that they look forward to working with Trump to tackle the Chinese regime’s cyber threats.

Rep. Ashley Hinson (R-Iowa) wrote on social media platform X on Dec. 31 that the United States must “take substantive action to hold China accountable” for the Treasury breach.

“The CCP is clearly ramping up their cyber warfare against the US following the recent Salt Typhoon hack. I believe this is part of a sophisticated, systematic CCP effort to control U.S. systems—like water, electrical, and transportation networks—so they can wreak havoc at a moment’s notice,” Hinson wrote.

“I will work with the Trump Administration to finally hold China accountable for its continued cyber espionage & warfare against the United States.”