For the second time in a year the U.S. Office of Personnel Management was hacked compromising the personal data of at least four million current and former federal employees. The discovery was confirmed by the Obama administration on Thursday, June 4. At this time it appears the breach occurred in December but was not discovered until April.
The OPM functions as the government’s human resources department and does about 90 percent of federal security clearances. Due to the amount of detail they compile when doing their investigations, both on the applicants, plus information about their contacts, job skills and references, this is a very serious cyber breach.
“Certainly, OPM is a high-value target,” said OPM Chief Information Officer Donna Seymour, in an interview. “We have a lot of information about people, and that is something that our adversaries want.” The OPM had installed new tools and capabilities after the March 2014 breach which allowed it to detect “this intrusion into our networks.”
The OPM announced Thursday that it was sending notifications to approximately 4 million individuals whose personally identifiable information (PII) may have been accessed. It intends on sending out email notifications which will come from firstname.lastname@example.org . Do not respond to other emails claiming to have information about the breach. However, the agency acknowledged that more individuals could have been affected. The PII included everything needed to commit identity theft including names, addresses and social security.
Media sources have primarily pointed at Chinese hackers though some believe it may have originated from Russia. Both countries have been attempting to hack governmental agencies to harvest information covertly. If this was by a Chinese national agency, it is the second major intrusion of the OPM by China in less than a year. Last year Russia compromised both White House and State Department e-mail systems.
Along with the usual steps to monitor for identity theft the OPM advised those affected to monitor their bank accounts for unusual activity, and to request a credit report along with other safeguards against fraud. At this time the OPM has not said that bank account numbers were stolen so this is an unusual request. The FBI said in a statement that it was working with interagency partners to investigate the breach, while the DHS said it was continuing to monitor federal networks for suspicious activity and is “working aggressively” to investigate the extent of the breach.
One source said that U.S. officials believe this could be the biggest breach ever of the government’s computer networks. “The breach is beyond the Office of Personnel Management and Department of Interior, with nearly every federal government agency hit by the hackers,” government officials said. Senator Susan Collins, a member of the Senate intelligence committee, said the breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.”
As the assessment of thee breach continues they may discover millions more of current and former government employees may be affected. At this time it is believed that employees of the legislative and judicial branches, and uniformed military personnel, were not affected.
Senate Homeland Security and Governmental Affairs Chairman Ron Johnson, R-Wisconsin, called the breach “disturbing.” “It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees — and, if media reports are correct, that information could be in the hands of China,” Johnson said in a statement. “(The office) says it ‘has undertaken an aggressive effort to update its cybersecurity posture.’ Plainly, it must do a better job, especially given the sensitive nature of the information it holds.”