An Advanced Persistent Threat group, suspected to be linked to the Chinese government, exploited vulnerabilities in BeyondTrust's software, resulting in a major breach of the Treasury Department. Authentication key theft allowed access to department computers with 'certain unclassified documents' compromised. The impact of this breach sees confidential governmental operations exposed, though classified as unclassified, could endanger financial stability or lead to further undisclosed consequences.
Source: https://www.wired.com/story/apple-95-million-siri-privacy-lawsuit/
"id": "us-000010525",
"linkid": "us-treasury",
"type": "Breach",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"