Chinese government hackers infiltrated key offices within the U.S. Treasury Department, including the Office of Foreign Assets Control (OFAC) and the Office of Financial Research, according to a report by The Washington Post on Wednesday.

The cyberattack, disclosed earlier this week, reportedly targeted departments responsible for administering economic sanctions and even extended to the office of Treasury Secretary Janet Yellen.

The Treasury Department confirmed the breach in a letter to lawmakers, describing it as a “major incident” involving the theft of unclassified documents. However, the letter did not specify the affected users or departments.


Unnamed officials cited by The Washington Post indicated that one of Beijing’s primary interests could be accessing information about Chinese entities under consideration for U.S. sanctions. The breach also reportedly involved a compromise of cybersecurity services provided by BeyondTrust, a third-party vendor.

In response to the allegations, Liu Pengyu, spokesperson for the Chinese Embassy in Washington, dismissed the claims as “irrational” and “without any factual basis,” labeling them as “smear attacks” against Beijing. While the statement reiterated China’s official stance of opposing all forms of cyberattacks, it did not directly address the specific claims of the breach.

The Treasury Department declined to comment on the report, and BeyondTrust has not issued a public statement regarding the compromise of its services.

This incident highlights the broader geopolitical tensions between the United States and China, with sanctions playing a critical role in U.S. foreign policy. Chinese entities have frequently been targeted by U.S. sanctions, particularly amid efforts to curb Russia’s revenue streams during its war in Ukraine.

READ
CISA Warns Medusa Ransomware Has Hit Over 300 Critical Infrastructure Organizations

Treasury Secretary Janet Yellen has previously indicated that Washington is considering sanctions on Chinese banks to limit Russia’s access to financial resources. This latest cyberattack underscores the challenges posed by state-sponsored hacking in an increasingly contentious global environment.