US Republican Lawmakers Demand Answers from Treasury Department
In a letter obtained by Law360 on December 31, two US Republican Party lawmakers have called upon the Treasury Department to provide answers regarding how a Chinese state-sponsored entity hacked and accessed employee workstations. The letter was signed by Senator Tim Scott, a member of the Senate Banking Committee, and Representative French Hill, vice chair of the House Financial Services Committee.
Request for Congressional Briefing
Scott and Hill are requesting a full congressional briefing on the breach by January 10. This briefing is expected to cover several key areas:
- Information Accessed by Hackers: The lawmakers want to know what specific information was accessed by the hackers, including sensitive data such as tax information, business beneficial ownership, and suspicious activity reports.
- Incident Details: They are seeking specific details on how the breach occurred, including any weaknesses in the Treasury Department’s cybersecurity protocols that may have been exploited by the attackers.
- Prevention Measures: Scott and Hill also want to know what steps the Treasury has taken to prevent similar incidents from happening in the future.
Concerns about Security
In their letter, the lawmakers expressed concerns about the security of sensitive federal government information. They noted that the Treasury Department maintains highly sensitive data on US persons throughout government and that this information should be a priority to protect from theft or surveillance by foreign adversaries who may seek to harm the US.
Chinese State-Sponsored Actor
The breach in question occurred on December 2, 2024, when an unidentified threat actor accessed certain "unclassified" documents at the Treasury Department. According to Treasury officials, the incident has been attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor. However, China has denied responsibility for the attack, stating that it "firmly opposes the US’s smear attacks against China without any factual basis."
Need for Transparency
The lawmakers’ request for a congressional briefing highlights the need for transparency and accountability in addressing cybersecurity incidents affecting federal government agencies. The incident raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents.
Consequences of Breach
If left unaddressed, such breaches can have severe consequences, including compromised national security and economic losses. In this case, the breach has sparked concerns among lawmakers who are calling for a thorough investigation into the incident and measures to prevent similar breaches in the future.
Government Response
The Treasury Department has acknowledged the breach and attributed it to a Chinese state-sponsored APT actor. The department has stated that it will provide more details in a supplemental report within 30 days, as required under the Federal Information Security Modernization Act (FISMA).
Call for Action
Scott and Hill’s letter serves as a reminder of the need for government agencies to prioritize cybersecurity and take proactive measures to prevent breaches. The lawmakers’ call for action highlights the importance of transparency and accountability in addressing cybersecurity incidents affecting federal government agencies.
References
- [1] Reuters: China denies responsibility for US Treasury hack
- [2] Law360: Senators Seek Briefing on Treasury Hack
- [3] Federal Information Security Modernization Act (FISMA)
Related Articles
- Crypto hacks, scam losses reach $29M in December, lowest in 2024
- Magazine: How crypto laws are changing across the world in 2025
Note: The above content has been rewritten to meet the specified requirements.
