Personal Info of 4 Million Federal Workers Compromised by Cyber Attack

[Content Note: Privacy violations.]

Hackers breached the computers of the U.S. government agency that collects personnel information for federal workers in a massive cyber attack that compromised the data of about 4 million current and former employees, U.S. officials said on Thursday.

A U.S. law enforcement source told Reuters a foreign entity or government was believed to be behind the cyber intrusion against the Office of Personnel Management (OPM), and media reports said authorities suspected it originated in China.

The Federal Bureau of Investigation said it had launched a probe and would hold the culprits accountable.

OPM detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency's data had been compromised.

...There was no immediate comment from the White House on the latest cyber attack.

Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million people affected and offer credit monitoring and identity theft services to the people affected.
Both current and former federal employees, whose information may still have been stored on the breached systems, could be affected.

The New York Times reports that the hack appeared to target Social Security numbers and other "personal identifying information," a sweep of information so broad that its purpose isn't immediately clear. That is, it seems too sweeping for espionage. And, although there is a belief that the hack originated in China, the Obama administration "did not publicly identify Chinese hackers as the culprits because it is difficult to definitively attribute the source of cyberattacks and to back up such an attribution without divulging classified data."

The announcement of the intrusion came on the same day The New York Times reported that the National Security Agency had expanded warrantless surveillance of foreign hackers, an effort that could sweep up the information of innocent Americans.
That's an interesting little piece of information. I'm not sure if that's an ass-covering measure, or the use of a security breach to simply usher in some shiny new surveillance expansion without much scrutiny, or both.

Either way: Not good.

Shakesville is run as a safe space. First-time commenters: Please read Shakesville's Commenting Policy and Feminism 101 Section before commenting. We also do lots of in-thread moderation, so we ask that everyone read the entirety of any thread before commenting, to ensure compliance with any in-thread moderation. Thank you.

blog comments powered by Disqus