US Treasury Secretary Janet Yellen’s computer was breached, with unclassified files accessed as part of a broader cyberattack on the department attributed to Chinese state-sponsored hackers, according to two individuals familiar with the situation.
The attackers also infiltrated the computers of two of Yellen’s deputies, Deputy Secretary Wally Adeyemo and Acting Under Secretary Brad Smith, said the sources, who requested anonymity due to the sensitive nature of the information. According to one of the sources, fewer than 50 files were accessed on Yellen’s device.
The hackers appeared to concentrate on the Treasury’s functions related to sanctions, intelligence, and international affairs. However, they did not gain access to the department’s email or classified systems, according to a Treasury report previously reviewed by Bloomberg News.
In addition to breaching the computers of top Treasury officials, the hackers infiltrated more than 400 laptop and desktop devices. They obtained usernames, passwords, and over 3,000 files stored on unclassified personal devices, the report reveals.
The intruders also accessed “law enforcement sensitive” information and materials related to investigations by the Committee on Foreign Investment in the U.S., which evaluates the national security risks of certain foreign investments, according to the Treasury report.
BeyondTrust Corp., a software contractor, notified the Treasury on December 8 that hackers had exploited its networks to compromise the department. Treasury then sought assistance from the Cybersecurity and Infrastructure Security Agency, the FBI, and other intelligence agencies.
Investigators attributed the breach to a Chinese state-sponsored group known in cybersecurity circles as Silk Typhoon or UNC5221.
Chinese officials have consistently denied U.S. accusations of state-sponsored hacking. Last month, a spokesperson for China’s foreign ministry dismissed claims that the government was responsible for the Treasury breach as “unwarranted and groundless.”
“China has always opposed all forms of hacker attacks,” Mao Ning, a spokesperson for China’s foreign ministry, said at the time.
In 2023, China was also accused of breaching the email accounts of key U.S. government officials, including Commerce Secretary Gina Raimondo and U.S. Ambassador to China Nicholas Burns, as reported by The Wall Street Journal.
