The U.S. Treasury Department has reported a significant cyber breach attributed to state-sponsored hackers from China, which resulted in access to employee workstations and unclassified documents. U.S. officials identified it as a "major incident," notified lawmakers, and stated they are collaborating with the FBI and other security agencies to investigate the consequences of the breach. The Chinese government has firmly rejected the allegations, labeling them as "baseless," and insisted that it opposes all hacking activities.
This latest incident is part of a troubling pattern involving significant security breaches in the U.S., with prior incidents, including a telecom hack in December, raising concerns about China's cyber capabilities. According to the Treasury's statement, the breach was facilitated by exploiting vulnerabilities in a third-party service known as BeyondTrust. This service, meant for providing remote technical support, has been disabled following the discovery of the breach.
There are no indications that the hacker maintained continued access to the Treasury's systems after the initial intrusion; investigations by the Cybersecurity and Infrastructure Security Agency, along with forensic experts, are ongoing. Initial assessments suggest the hack was executed by a China-based Advanced Persistent Threat (APT) actor, which triggers the Treasury’s classification of the event as a major cybersecurity incident.
The breach was first reported to the Treasury on December 8, although suspicious activity had been detected by BeyondTrust starting December 2. The attackers purportedly managed to gain remote access to workstations and retrieve unclassified documents, although specifics about the material accessed remain undisclosed. The department clarified that while the hackers might have been capable of creating accounts or modifying passwords during the observation period, their intent seemed directed towards information gathering rather than financial theft.
China's foreign ministry spokesperson Mao Ning dismissed the accusations during a press briefing, asserting that they lacked supporting evidence and were aimed at discrediting China politically. The Chinese embassy in Washington further condemned the claims, saying they reflect a smear campaign against China and urging the U.S. to cease spreading misinformation regarding cybersecurity threats.
Over the past year, two groups of suspected Chinese government hackers have been highlighted: Volt Typhoon, thought to target critical infrastructure for disruption, and Salt Typhoon, implicated in espionage activities such as the telecoms hack. As investigations continue, U.S. lawmakers are expecting a supplemental report detailing the incident within 30 days, underlining the urgency of addressing such grave cybersecurity risks.


















