Chinese Hackers got in because they outsourced important security to

https://www.beyondtrust.com/

Chinese infiltrated BeyondTrust to gain access. Trusted third parties are security holes.

https://www.reuters.com/technology/cybersecurity/us-treasurys-workstations-hacked-cyberattack-by-china-afp-reports-2024-12-30/