China compromised the US Treasury's Committee on Foreign Investment in the United States (CFIUS), responsible for assessing foreign investments for potential national security threats.

Chinese hackers have reportedly breached the Committee on Foreign Investment in the United States (CFIUS), a key office within the U.S. Treasury responsible for reviewing foreign investments and transactions that could pose a threat to U.S. national security. This committee has the authority to approve or deny deals involving national security risks, such as corporate mergers, takeovers, or transactions involving sensitive U.S. information.

Cybersecurity Incident at the U.S. Treasury
Last week, Treasury officials confirmed a “major cybersecurity incident” following a breach at one of its security vendors, BeyondTrust. The hackers gained access to employee workstations and documents on the department’s unclassified network using a stolen BeyondTrust key. In addition to breaching the CFIUS office, the Chinese hackers also infiltrated the Office of Foreign Assets Control (OFAC), the department’s office for international financial sanctions.

Bloomberg reports that the hackers, known as Silk Typhoon (previously called “Hafnium”), are a China-backed hacking group known for conducting mass hacking operations to steal information. This cyberattack at the U.S. Treasury is just one of several incidents linked to the China-backed “Typhoon” hackers in recent months. These attacks have targeted private communications of U.S. government officials and placed destructive malware in critical U.S. infrastructure in preparation for potential conflicts between China and the United States.

The Chinese government has consistently denied these accusations.