The US Treasury confirmed the hackers had accessed several workstations and unclassified documents. (AP: Patrick Semansky/file)
In short:
Chinese state-sponsored hackers accessed workstations and documents in a "major cybersecurity incident", the US Treasury says.
The revelation comes as US officials continue to grapple with the fallout of a massive Chinese cyber espionage campaign known as Salt Typhoon.
What's next?
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency to investigate the scope of the hack.
The US Treasury says Chinese hackers remotely accessed several of its workstations and unclassified documents after compromising a third-party software service provider.
The department did not provide details on how many workstations had been accessed or what sort of documents were obtained.
The agency attributed the hack to Chinese state-sponsored hackers.
It said in a letter to politicians on Monday local time that "at this time there is no evidence indicating the threat actor has continued access to Treasury information".
It said the hack was being investigated as a "major cybersecurity incident".
The Salt Typhoon hacking campaign
Photo shows A woman holds her phone in her hand, she is sat in front of several small us flags
"Treasury takes very seriously all threats against our systems, and the data it holds," a department spokesperson said in a separate statement.
"Over the last four years, Treasury has significantly bolstered its cyber defense, and we will continue to work with both private and public sector partners to protect our financial system from threat actors."
The revelation comes as US officials continue to grapple with the fallout of a massive Chinese cyber espionage campaign known as Salt Typhoon that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans.
A top White House official said on Friday that the number of telecommunications companies affected by the hack has now risen to nine.
The Treasury department said it learned of the problem at the agency on December 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key used by the vendor that helped them override the service's security and gain remote access to several employee workstations.
The agency attributed the hack to Chinese state-sponsored culprits. (Reuters: Samantha Sais)
The compromised service has since been taken offline, and there's no evidence that the hackers still have access to department information, said Aditi Hardikar, an assistant Treasury secretary.
The department said it was working with the FBI and the Cybersecurity and Infrastructure Security Agency to investigate the scope of the hack.
AP