The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department’s Office of Foreign Assets Control.
Hacking Group ‘Silk Typhoon’ Linked to US Treasury Breach

The attack used a stolen remote support SaaS API key to exfiltrate data from workstations in the Treasury Department’s Office of Foreign Assets Control.