The hacker broke into some US Treasury computers and accessed some documents.
The breach happened by compromising the security of BeyondTrust, a third-party cybersecurity provider.
The Treasury Department building; Photo: Wikimedia Commons
A Chinese state-sponsored hacker breached the cybersecurity of the US Treasury Department's systems earlier this month and accessed some unclassified documents, an official letter from US lawmakers confirmed, labeling the breach “a major incident.”
A Major Security Breach
The letter, reviewed by multiple media outlets (including Finance Magnates), detailed that the hacker gained access to US Treasury employee workstations. However, the goal was not to steal funds but to access documents.
The incident came to light as BeyondTrust, a third-party cybersecurity provider, confirmed that the hacker compromised their systems to penetrate the Treasury Department’s computers.
Janet Yellen, Secretary of the Treasury
“A threat actor gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” the letter to the lawmakers from the US Treasury Department stated.
“With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users,” the letter further explained.
BeyondTrust first spotted the suspicious activity on December 2 but took three days to confirm any security breach. The company informed the Treasury Department about the attack on December 8.
Since the attack, the compromised BeyondTrust service has been taken offline. The letter also highlighted no evidence that the hacker still has access to the Treasury network.
The Treasury Department will provide another supplemental report on the incident to US lawmakers in the next 30 days.
China Denies the Allegations
Despite the US’ bold letter, a spokesperson for the Chinese embassy in Washington, D.C., spoke to the BBC, denying the allegation of the state’s involvement and calling it a “smear attack” made “without any factual basis,” highlighting that it can be difficult to trace hackers' origin.
“We hope that relevant parties will adopt a professional and responsible attitude when characterising cyber incidents, basing their conclusions on sufficient evidence rather than unfounded speculation and accusations,” the spokesperson stated.
“The US needs to stop using cybersecurity to smear and slander China and stop spreading all kinds of disinformation about the so-called Chinese hacking threats,” the statement continued.
A Chinese state-sponsored hacker breached the cybersecurity of the US Treasury Department's systems earlier this month and accessed some unclassified documents, an official letter from US lawmakers confirmed, labeling the breach “a major incident.”
A Major Security Breach
The letter, reviewed by multiple media outlets (including Finance Magnates), detailed that the hacker gained access to US Treasury employee workstations. However, the goal was not to steal funds but to access documents.
The incident came to light as BeyondTrust, a third-party cybersecurity provider, confirmed that the hacker compromised their systems to penetrate the Treasury Department’s computers.
Janet Yellen, Secretary of the Treasury
“A threat actor gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” the letter to the lawmakers from the US Treasury Department stated.
“With access to the stolen key, the threat actor was able to override the service’s security, remotely access certain Treasury DO user workstations, and access certain unclassified documents maintained by those users,” the letter further explained.
BeyondTrust first spotted the suspicious activity on December 2 but took three days to confirm any security breach. The company informed the Treasury Department about the attack on December 8.
Since the attack, the compromised BeyondTrust service has been taken offline. The letter also highlighted no evidence that the hacker still has access to the Treasury network.
The Treasury Department will provide another supplemental report on the incident to US lawmakers in the next 30 days.
China Denies the Allegations
Despite the US’ bold letter, a spokesperson for the Chinese embassy in Washington, D.C., spoke to the BBC, denying the allegation of the state’s involvement and calling it a “smear attack” made “without any factual basis,” highlighting that it can be difficult to trace hackers' origin.
“We hope that relevant parties will adopt a professional and responsible attitude when characterising cyber incidents, basing their conclusions on sufficient evidence rather than unfounded speculation and accusations,” the spokesperson stated.
“The US needs to stop using cybersecurity to smear and slander China and stop spreading all kinds of disinformation about the so-called Chinese hacking threats,” the statement continued.
Arnab Shome is an electronics engineer-turned-financial editor. He holds a Bachelor of Technology from the National Institute of Technology, Agartala. He entered the retail trading industry about a decade ago, covering the cryptocurrency market for Finance Magnates, and later expanded his coverage to include forex and CFDs as well.
His work at Finance Magnates includes C-level interviews, data-driven analysis, opinion pieces, and scoops of industry exclusives. He also contributes to Finance Magnates’ quarterly industry report.
Area of coverage:
1. CFD broker-related news
2. Industry-related Regulatory updates and developments
3. New retail trading trends
4. Prop trading industry updates
5. Executive interviews
Education:
Bachelor of Technology - National Institute of Technology, Agartala (India)
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
iForex posts its first annual results as a listed broker. Also ahead: CFI Financial secures a Brazil license, and prediction markets have a big week, with new ETF launches and fresh Polymarket loss data. It's Thursday, the thirtieth of April 2026. You're listening to the Finance Magnates Daily Brief.
FM Daily Brief - 29 April 2026
FM Daily Brief - 29 April 2026
FM Daily Brief - 29 April 2026
FM Daily Brief - 29 April 2026
FM Daily Brief - 29 April 2026
FM Daily Brief - 29 April 2026
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
XTB and Robinhood both post first-quarter earnings. But the numbers point in very different directions. Also ahead: Capital.com pushes into three new markets and signals a move into payments.
It's Wednesday, the 29th of April 2026. You're listening to the Finance Magnates Daily Brief.
FM Daily Brief - 28 April 2026
FM Daily Brief - 28 April 2026
FM Daily Brief - 28 April 2026
FM Daily Brief - 28 April 2026
FM Daily Brief - 28 April 2026
FM Daily Brief - 28 April 2026
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
Startrader posts three-point-one trillion dollars in first-quarter volume — up three hundred and forty percent from a year ago. Also ahead: Fintokei claims sub-second trader payouts, and eToro opens its premium subscription tier to all investors.
FM Daily Brief - 27 April 2026
FM Daily Brief - 27 April 2026
FM Daily Brief - 27 April 2026
FM Daily Brief - 27 April 2026
FM Daily Brief - 27 April 2026
FM Daily Brief - 27 April 2026
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
Finance Magnates spoke with IG Group's MENA CEO. Also ahead: EC Markets posts a record five-point-one-three trillion dollar first quarter. Plus Hola Prime brings in Deloitte to audit prop firm payouts.
