Ten Chinese nationals, including two Ministry of Public Security officers and employees of Anxun Information Technology (i-Soon), have been charged with orchestrating a wide-ranging hacking campaign targeting U.S. government agencies, including the Treasury Department, and international organizations. The hackers allegedly stole sensitive data for the benefit of the Chinese government, selling access to compromised accounts for significant profit. The Justice Department alleges this operation involved a complex network of private companies and contractors, obscuring the government’s direct involvement. A $10 million reward has been offered for information leading to the suspects’ apprehension.
Read More
A U.S. Treasury intelligence team has identified Elon Musk’s Department of Government Efficiency (DOGE) as the greatest insider threat risk in the agency’s history, citing unauthorized access to sensitive data and system lockouts by DOGE staff. This assessment, following a federal judge’s curtailment of DOGE’s access to Bureau of the Fiscal Service records, prompted a recommendation to immediately suspend all DOGE access to payment systems and conduct a comprehensive review of their actions. The concern stems from reports of unauthorized data changes and the locking out of civil servants, particularly concerning given that DOGE members previously had access to systems processing over $4.7 trillion annually. The team recommends immediate suspension of access and subsequent insider threat monitoring.
Read More
Following a lawsuit from federal employee unions, access to the U.S. Treasury’s payment systems by the Elon Musk-led Department of Government Efficiency (DOGE) will be severely restricted. A court filing limits DOGE’s access, with exceptions for two employees on a read-only basis. This action comes after allegations of unauthorized access and data sharing, and concerns that DOGE’s control over these systems could be used to manipulate federal payments. The temporary restriction awaits final judicial approval.
Read More
Over 1,000 protesters, including numerous Democratic members of Congress, rallied against Elon Musk’s access to the U.S. Treasury payment system, a system handling $5 trillion annually. This follows Musk’s recent acquisition of control over the Bureau of the Fiscal Service, raising concerns about financial security and potential misuse of taxpayer funds. The protest highlighted growing Democratic opposition to Musk’s influence and the Trump administration’s support of his actions, with some senators vowing to oppose all remaining Trump cabinet nominees. The demonstration aimed to unite against what protesters called a “Musk takeover,” demanding his removal from control of the Treasury system.
Read More
Elon Musk’s “Department of Government Efficiency” (DOGE), with Treasury Secretary Scott Bessent’s approval, now possesses access to the U.S. Treasury’s federal payment system, controlling trillions of dollars in annual transactions. This unprecedented access followed the ousting of a long-serving Treasury official who opposed granting DOGE access. While described as “read-only,” the access encompasses sensitive taxpayer data and could enable Musk to disrupt government funding or manipulate government contracts. Experts warn this situation constitutes a significant threat to governmental integrity and financial stability.
Read More
In early December, a China-based Advanced Persistent Threat (APT) actor gained unauthorized access to US Treasury Department systems via a compromised third-party service provider, BeyondTrust. The breach involved several employee workstations and some unclassified documents, prompting the Treasury Department to characterize the incident as a “major cybersecurity incident.” Investigations, involving the FBI and other agencies, are underway to assess the full impact. The Treasury Department has stated that the access has been stopped and will provide a supplemental report within 30 days.
Read More
A major cybersecurity incident at the US Treasury Department involved a Chinese state-sponsored actor gaining access to several Treasury workstations and unclassified documents via a compromised third-party software provider, BeyondTrust. The intrusion, attributed to a stolen access key, allowed the actor to override security and access departmental user workstations. The compromised service has been taken offline, and investigations are underway with law enforcement and CISA. Treasury officials will brief congressional committees on the breach next week.
Read More
John Q. Hosedrinker