US hit by ‘massive data breach’

    0
    798

    Chinese hackers are suspected of carrying out a “massive breach” affecting the data of millions of US government workers, officials said.

    The Office of Personnel Management (OPM) confirmed on Thursday that almost four million current and past employees have been affected.

    The breach could potentially affect every federal agency, officials said.

    Susan Collins, a member of the Senate Intelligence Committee, said the attack was thought to originate in China.

    The Chinese embassy in Washington warned against “jumping to conclusions”.

    Embassy spokesman Zhu Haiquan told Reuters news agency that the accusations were “not responsible, and counterproductive”.

    Grey line

    Analysis by Tom Bateman, BBC News, Washington

    It is the scale of what the OPM calls a “cyber intrusion” in April this year that is breathtaking – the records of four million former and current government employees may have been breached.

    The agency is contacting all of those potentially affected, offering to insure them against identity fraud. Of even greater concern may be the fact that security clearance information on government officials could have been targeted.

    US officials are only too aware of the real damage caused by such virtual threats. In the past year, a growing number of government agencies and companies – most notoriously Sony Pictures – have fallen victim to such attacks.

    Grey line

    OPM serves as the human resource department for the federal government. The agency issues security clearances and compiles records of all federal government employees.

    Information stored on OPM databases includes employee job assignments, performance reviews and training, according to officials.

    The breach did not involve background checks and clearance investigations, officials said.

    Mrs Collins called the breach “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances”.

    US Senator Susan Collins in Washington. 2 Dec 2014
    Senator Susan Collins said the hackers were believed to be based in China

    Using a new cyber security system known as Einstein, the OPM detected a “cyber-intrusion” in April 2015. The FBI said it was investigating the breach.

    Ken Ammon, chief strategy officer of Xceedium – a cyber security firm – warned that the hacked data could be used to impersonate or blackmail federal employees with access to sensitive information.

    Grey line

    Previous hack attacks on US government

    • In November 2014 a hack compromised files belonging to 25,000 employees of the Department of Homeland Security, as well as thousands of other federal workers
    • In March 2014 hackers breached OPM networks, targeting government staff with security clearance, but the attempt was blocked before any data was stolen. The intrusion was traced to China
    • In 2006, hackers believed to be based in China breached the system of a sensitive bureau in the US Department of Commerce. Hundreds of workstations had to be replaced
    Grey line

    Congressman Adam Schiff has called for cyber databases to be upgraded in light of the most recent attack.

    Americans “expect that federal computer networks are maintained with state of the art defences”, Mr Schiff said.

    “The cyber threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it’s clear that a substantial improvement in our cyber databases and defences is perilously overdue.”