The United States Treasury suffered a 'major' breach when an Advanced Persistent Threat group, believed to be linked to the Chinese government, exploited flaws in BeyondTrust software. The attackers stole an authentication key, gained access to department computers, and stole 'certain unclassified documents'. Although the stolen documents were unclassified, the full extent of the breach and its subsequent risks, such as exposure to financial manipulation and international diplomatic consequences, are still under assessment.
Source: https://www.wired.com/story/apple-95-million-siri-privacy-lawsuit/
TPRM report: https://scoringcyber.rankiteo.com/company/us-treasury
"id": "us-000011025",
"linkid": "us-treasury",
"type": "Breach",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Government',
'location': 'United States',
'name': 'United States Treasury',
'type': 'Government Agency'}],
'attack_vector': 'Exploited flaws in BeyondTrust software',
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'Unclassified',
'type_of_data_compromised': 'Unclassified documents'},
'description': "The United States Treasury suffered a 'major' breach when an "
'Advanced Persistent Threat group, believed to be linked to '
'the Chinese government, exploited flaws in BeyondTrust '
'software. The attackers stole an authentication key, gaining '
"access to department computers and managing to steal 'certain "
"unclassified documents'. While classified as unclassified, "
"the breach's full extent and subsequent risks, such as "
'exposure to financial manipulations and international '
'diplomatic consequences, are still under assessment.',
'impact': {'data_compromised': 'Unclassified documents',
'systems_affected': 'Department computers'},
'initial_access_broker': {'entry_point': 'BeyondTrust software'},
'motivation': 'Data Theft',
'post_incident_analysis': {'root_causes': 'Flaws in BeyondTrust software'},
'threat_actor': 'Advanced Persistent Threat group linked to the Chinese '
'government',
'title': 'United States Treasury Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Authentication key theft'}