In 1999, Sun et al. proposed a new (t, n) threshold proxy signature scheme based on Zhang's threshold proxy signature scheme. But in 2003 Hsu et al. pointed out that Sun's scheme suffered from a drawback and demonstrated an improvement to counter it. In this paper we point out that Hsu's scheme suffers from an insider attack against their scheme. That is, a malicious proxy signer can forge a valid threshold proxy signature on any message. To thwart this attack, some improvements are further proposed.