News from Bloomberg:

“The US Treasury Department was hacked by a Chinese state-sponsored actor through a third-party software service provider, the agency said in a letter to Congress on Monday.

“On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based service used to remotely provide technical support for Treasury Departmental Offices (DO) end users,” according to the letter seen by Bloomberg News. “Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”

“The hacker was able to remotely access certain Treasury workstations and “certain unclassified documents maintained by those users,” the department said in the letter to Senators Sherrod Brown and Tim Scott.”

Hmm, Treasury. They have some sort of connection with IRS, don’t they? I wonder which Treasury agencies use this BeyondTrust software.

“The IRS uses BeyondTrust Remote Support Appliance software to provide secure remote support to customers. The software allows support technicians to remotely control computers over the internet or on local networks.”

OK. I guess no one’s perfect. Should I tell my clients?