Chinese state-sponsored hackers infiltrated the US Treasury Department’s systems earlier this month, gaining access to employee workstations and some unclassified documents, US officials confirmed on Monday. The breach, described by the Treasury Department as a “major incident,” has prompted an ongoing investigation by the FBI and other agencies.

In a letter to lawmakers, the Treasury Department explained that the hackers, believed to be based in China, bypassed security systems through a vulnerability in a third-party service provider’s application. The compromised service, BeyondTrust, offers remote technical support to Treasury employees. While the third-party service has been taken offline, the department emphasized that no further unauthorized access has been detected.

The breach was first identified by BeyondTrust on December 8, although suspicious activity had been flagged as early as December 2. It took several days for the company to confirm that it had been hacked. The hackers reportedly used the service to remotely access several Treasury user workstations, obtaining some unclassified documents, but there were no indications of an attempt to steal funds.

The Treasury Department is working closely with the Cybersecurity and Infrastructure Security Agency (CISA) and third-party forensic investigators to assess the full impact of the breach. Initial reports suggest that the intrusion was likely carried out by a “China-based Advanced Persistent Threat (APT) actor,” a group of hackers associated with espionage activities.

“This intrusion is being treated as a major cybersecurity incident, in accordance with Treasury policy,” said Treasury Department officials. They added that investigations are still underway to determine the scope of the compromise, including the specific nature of the files accessed and whether any additional accounts or passwords were created or altered by the attackers.

China has strongly denied the allegations, with foreign ministry spokesperson Mao Ning labeling the claims “baseless.” She reiterated China’s stance against hacking and rejected what she described as “false information” aimed at targeting China for political purposes. The Chinese embassy in Washington DC also dismissed the accusations as part of a “smear attack,” urging the US to stop spreading disinformation about Chinese hacking threats.

The breach follows a series of high-profile cyberattacks attributed to Chinese espionage, including a December hack that potentially compromised sensitive telecom data in the US. The Treasury Department has pledged to continue strengthening its cybersecurity measures and will provide a supplemental report on the incident to lawmakers within 30 days.

South Korea’s acting president has ordered an immediate safety inspection of the country’s entire airline fleet following the tragic crash of a Jeju Air plane that claimed 179 lives. The disaster, which occurred on Sunday, marks the deadliest plane crash on South Korean soil in recent history.

The Boeing B737-800, operated by Jeju Air, burst into flames after crash-landing at Muan International Airport. All passengers on board were killed, with only two crew members surviving the incident. The victims, ranging in age from three to 78 years old, were mostly South Koreans, with two Thai nationals also among the deceased.

Acting President Choi Sang-mok, who took office just days before the crash, expressed his heartbreak over the disaster. “My heart aches as we face this unforeseen tragedy amid recent economic hardships,” he said. He has called for a prompt investigation into the cause of the crash and urged authorities to quickly share their findings with the families of the victims.

The crash occurred after the plane, flight 7C2216, was initially cleared to land but had to hold off due to a bird strike warning issued by air traffic control. Once cleared for a landing from the opposite direction, the aircraft touched down but skidded off the runway and crashed into a wall, bursting into flames shortly after 09:00 local time.

In a related incident, another Jeju Air flight, a Boeing B737-800, turned back to Seoul just an hour after taking off on Monday due to a mechanical defect involving its landing gear. The aircraft, which is part of the same fleet, returned to Gimpo International Airport safely, highlighting ongoing concerns about the safety of the airline’s operations.

Jeju Air, which operates 41 aircraft, with 39 of them being the same model involved in the crash, has faced mounting pressure following the tragedy. The airline’s executives issued a public apology at a press conference, vowing to take all necessary steps to address the situation.

Shares of Jeju Air dropped 8% in the wake of the crash, reflecting investor concerns over the airline’s safety record. The incident has rocked South Korea, which has been experiencing political instability after parliament voted to impeach President Yoon Suk Yeol and his temporary successor Han Duck-soo.

Boeing has expressed its condolences and said it is in contact with Jeju Air to offer support. As investigations continue, the airline and the South Korean government are under intense scrutiny to ensure the safety of passengers and prevent further tragedies.