(Bloomberg) — US Treasury Secretary Janet Yellen’s computer was infiltrated and unclassified files were accessed as part of a broader breach of the agency by Chinese state-sponsored hackers, according to two people familiar with the matter.
Most Read from Bloomberg
The attackers also hacked the computers of two of Yellen’s lieutenants, Deputy Secretary Wally Adeyemo and Acting Under Secretary Brad Smith, according to the people, who asked not to be identified discussing sensitive information. Fewer than 50 files on Yellen’s machine were accessed, one of the people said.
Treasury spokesperson Chris Hayden declined to comment Thursday.
The compromise of Yellen’s computer makes the Treasury breach the latest hack attributed to the Chinese government that has reached the top ranks of a US federal department. The attackers appeared to focus on Treasury’s role in sanctions, intelligence and international affairs, but didn’t penetrate the department’s email or classified systems, according to an Treasury report previously reviewed by Bloomberg News.
Treasury staff were at Capitol Hill on Wednesday and Thursday briefing congressional aides and lawmakers about the hack. The discussions occurred as the Senate Finance Committee held a confirmation hearing on Thursday for Scott Bessent, President-elect Donald Trump’s nominee as Treasury secretary.
The Chinese operatives breached the top Treasury officials’ computers along with more than 400 laptop and desktop machines, accessing employee usernames and passwords as well as more than 3,000 files on unclassified personal devices, the report states. The intruders also accessed “law enforcement sensitive” data and material on investigations run by the Committee on Foreign Investment in the US, which reviews the national security implications of some foreign financing, according to the Treasury report.
Software contractor BeyondTrust Corp. on Dec. 8 notified Treasury that hackers had exploited the company’s networks to infiltrate the government department. Treasury alerted the Cybersecurity and Infrastructure Security Agency to the incident and sought help from the FBI and other intelligence agencies.
Politico earlier reported that the hackers had accessed a small number of unclassified files belonging to Yellen, Adeyemo and Smith.
Story continues
Investigators attributed the hack to a Chinese state-sponsored actor known among cybersecurity professionals as Silk Typhoon and UNC5221, according to the report. They found that the hackers prioritized the collection of documents and operated outside of normal working hours to avoid detection, according to the report.
Chinese officials have long denied US allegations of state-sponsored cyberattacks, and a Foreign Ministry spokesperson last month called the claims that the government was behind the Treasury hack “unwarranted and groundless.”
China was also accused in 2023 of breaking into the email accounts of key government officials, including Commerce Secretary Gina Raimondo and, according to the Wall Street Journal, US Ambassador to China Nicholas Burns.
Most Read from Bloomberg Businessweek
©2025 Bloomberg L.P.