Breach of US Treasury Exposed Contents of Secretary Janet Yellen’s Computer to Chinese Hackers

Jan 22, 2025

The December breach of the US Treasury by Chinese hackers apparently included theft of information from Secretary Janet Yellen’s computer, according to anonymous official sources speaking with Bloomberg News.

The Silk Typhoon group, a team of Chinese hackers that now has a years-long history of major breaches of foreign governments, has been implicated in the attack. Yellen and two of her US Treasury lieutenants had their computers breached, but the sources say that only a small number of unclassified files were seized.

Chinese hackers continue to rampage as Trump administration takes over

The US enjoyed a peaceful transfer of power on Monday, but the incoming administration will inherit a problem with Chinese hackers that still has no comprehensive solution in sight. The Chinese teams have been making headlines since mid-2023 with their high-profile breaches of both government agencies and critical infrastructure companies, and this is not the first time they have penetrated the US Treasury. In some cases the damage from these campaigns is still being documented, and the hackers may well still be lurking in important systems.

The Biden administration made improvement of cybersecurity for national defense one of its signature issues, something that kicked off with major ransomware attacks that crippled the gasoline supply in 2021. While that campaign began with concerns focused on Russia, China has emerged to become the central antagonist as relations with Taiwan have rapidly deteriorated in recent years and the threat of a military invasion that draws in the US has become more real.

A particular trigger seemed to be then-Speaker Nancy Pelosi’s visit to Taiwan in 2022, and since then there have been reports of Chinese hackers embedded in all manner of US systems. The US Treasury has been included in some of these prior campaigns, and was additionally penetrated by Russian hackers in 2020 as part of the sprawling SolarWinds breach.

US Treasury had hundreds of computers breached, but damage reported as minimal

While the US Treasury breach was confirmed by the agency back in December, this new reporting gives more of a sense of what was stolen and the overall damage caused. In addition to naming Silk Typhoon as the culprit, the agency previously reported that some 400 desktop and laptop computers were compromised, impacting about 3,000 employee files in total.

It appears that a mere 50 files on Yellen’s computer were accessed, and there is no indication that any of them were classified or particularly sensitive. The US Treasury has maintained that its email system and the classified areas of its network were not breached by the attack, which originated from a compromise of third-party contractor BeyondTrust.

The Chinese government has thus far denied all reports of Chinese hackers attacking US systems, including this one. But a number of countries around the world have now pointed the finger at China's state-backed teams over their own compromises, and independent security sources like Microsoft also cite these groups as culprits.
