Republican Lawmakers Demand Treasury Accountability for Cyber Breach
Two Republican lawmakers are pressing the U.S. Department of the Treasury for answers following a cyber breach attributed to a Chinese state-sponsored hacking group, raising serious concerns about the security of sensitive federal information.
Call for Immediate Action
In a December 31 letter to Treasury Secretary Janet Yellen, Senator Tim Scott (a Senate Banking Committee member) and Representative French Hill (vice chair of the House Financial Services Committee) requested a full congressional briefing by January 10, 2025.
The lawmakers demanded details about:
- The scope of information accessed by the hackers.
- How the breach occurred and the vulnerabilities exploited.
- Steps taken by the Treasury to prevent future incidents.
“This breach of federal government information is extremely concerning,” Scott and Hill wrote, emphasizing that Treasury systems store highly sensitive data on U.S. citizens, businesses, and financial activities.
Details of the Cyber Breach
The breach, which occurred on December 2, 2024, involved a Chinese Communist Party-sponsored advanced persistent threat (APT) actor, according to Treasury officials. Hackers reportedly accessed employee workstations and some unclassified documents, though the nature of the data compromised remains unclear.
Treasury officials acknowledged the incident in a December 30 letter to lawmakers, attributing the attack to a state-sponsored Chinese group and pledging to provide further details in a supplemental report within 30 days, as required by the Federal Information Security Modernization Act.
China Denies Involvement
In response, China denied responsibility, with a spokesperson telling Reuters that it “firmly opposes the U.S.’s smear attacks against China without any factual basis.”
Sensitive Information at Risk
Scott and Hill stressed the critical nature of Treasury’s data, which includes:
- Tax records
- Business ownership details
- Suspicious activity reports
“The fact that a CCP-sponsored APT actor was able to access Treasury’s information systems is unacceptable and raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents,” they said.
Broader Implications
This breach highlights vulnerabilities in federal cybersecurity systems and underscores the rising threat of state-sponsored cyberattacks targeting critical U.S. institutions. The incident has sparked renewed calls for enhanced cybersecurity measures across federal agencies.
What’s Next?
As the Treasury prepares its supplemental report, lawmakers will be scrutinizing the department’s response and pushing for stronger protocols to protect sensitive data. With geopolitical tensions over cybersecurity rising, this incident could lead to greater legislative focus on federal information security and U.S.-China cyber relations.
Stay tuned for updates as more details emerge about this significant breach and the steps the Treasury takes to address its aftermath.
