X

Senator Demands Information on Cyber Breach at Treasury

Senate Banking, Housing and Urban Affairs Ranking Member Tim Scott (R-SC) demanded that Treasury provide an explanation for a cybersecurity breach attributed to a China state-sponsored "Advanced Persistent Threat"("APT") actor. The breach was disclosed to Congress on December 30, 2024.

In a letter co-signed by Vice Chair of the House Financial Services Committee, French Hill (R-AR), Mr. Scott called the incident "unacceptable," highlighting the critical nature of the data Treasury maintains, including tax records, beneficial ownership details and suspicious activity reports. The legislators expressed concern over Treasury's cybersecurity protocols, stating, "the fact that a CCP-sponsored APT actor was able to access Treasury's information systems ... raises serious questions about the protocols for safeguarding sensitive federal government information from future cybersecurity incidents."

In the letter, the legislators demanded that Treasury provide, by January 10, 2025:

  • detailed information on the breach, including timeline, method of execution and the identity of the China-sponsored APT actor;
  • the scope of the compromised data and the extent of CCP access;
  • Treasury's awareness of vulnerabilities associated with third-party software providers prior to the incident; and
  • measures implemented to prevent similar cybersecurity breaches.

Primary Sources

  1. US Senate Committee on Banking, Housing, and Urban Affairs: Press Releases: Scott, Hill Demand Answers from Treasury on China-Sponsored Cyber Hack
  2. US Senate Committee on Banking, Housing, and Urban Affairs: Letter to Secretary Yellen

Tags

Regulated Activities
Data Protection / Cybersecurity
Sub-Activity
Data Breach
Regulated Entities
Regulatory Agencies
Body of Law
Privacy / Data Protection / Cybersecurity
Jurisdiction
US - Federal
Impacted Foreign Jurisdiction
China
Organization
US Congress