The Office of Personnel Management of US has revealed that a record personal information of about four million current and former federal employees may have been stolen by Chinese hacker.
The agency has warned that victims would have to monitor their finances and get new credit reports to ensure there was no attack on the employees’ credit cards. The record breach is the first to be reported even as news emerged of a warrantless surveillance program by NSA that peeped into Internet communications made by US residents in a bid into thwart hackers. Initial reports have revealed that the breach extends to the networks that were beyond the Office of Personnel Management and Department of Interior. There could be many more employees who were impacted by the breach and the assessment is ongoing.
The US officials have put the blame on Chinese hackers associated with the Chinese military for the data breach though it remains unclear what the database could be used for. The officials also clarified that employees of the legislative and judicial branches, and uniformed military personnel, were not affected. It is also unclear at the moment whether data of contract workers associated with Federal projects were also impacted.
According to the Department of Homeland Security, the data breach came to light when the personnel office was running a program to strengthen the cybersecurity defense system in the country. The breach was found out in April 2015 and the agency learnt that data was compromised a month later. Currently, the breach is under investigation by the FBI. "We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace," the FBI said in a statement.
The federal personnel office meanwhile has issued a statement that "personally identifiable information" had been breached without putting an identity for the culprits.
The IRS branch of US was the victim of a separate cyber-attack with source in Russia where the tax returns of around 100,000 US citizens were breached.
The agency has warned that victims would have to monitor their finances and get new credit reports to ensure there was no attack on the employees’ credit cards. The record breach is the first to be reported even as news emerged of a warrantless surveillance program by NSA that peeped into Internet communications made by US residents in a bid into thwart hackers. Initial reports have revealed that the breach extends to the networks that were beyond the Office of Personnel Management and Department of Interior. There could be many more employees who were impacted by the breach and the assessment is ongoing.
The US officials have put the blame on Chinese hackers associated with the Chinese military for the data breach though it remains unclear what the database could be used for. The officials also clarified that employees of the legislative and judicial branches, and uniformed military personnel, were not affected. It is also unclear at the moment whether data of contract workers associated with Federal projects were also impacted.
According to the Department of Homeland Security, the data breach came to light when the personnel office was running a program to strengthen the cybersecurity defense system in the country. The breach was found out in April 2015 and the agency learnt that data was compromised a month later. Currently, the breach is under investigation by the FBI. "We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace," the FBI said in a statement.
The federal personnel office meanwhile has issued a statement that "personally identifiable information" had been breached without putting an identity for the culprits.
The IRS branch of US was the victim of a separate cyber-attack with source in Russia where the tax returns of around 100,000 US citizens were breached.
