The Obama administration is scrambling to assess the impact of a massive data breach that occurred when federal agencies were hacked.
A congressional aide familiar with the situation, who declined to be named because he was not authorized to discuss it, says the Office of Personnel Management (OPM) — the agency that handles security clearances and employee records — and the Interior Department were hacked. A second U.S. official who also declined to be identified said the data breach could potentially affect every federal agency.
U.S. officials say the investigation is not complete but all signs point to Chinese hackers as the culprit of the massive data breach, CBS News White House Correspondent Major Garrett reports. The FBI and Department of Homeland Security (DHS) will not confirm the source of the attack publicly, but U.S. officials said the cyber-signatures and methods of the attack indicate Chinese hacking malware and methods.
OPM released a statement saying that the incident potentially affected “personnel data for current and former federal employees, including personally identifiable information (PII). The number affected could be “approximately 4 million individuals,” the statement read.
A DHS statement appeared to confirm the hack, saying that the agency used cyber indicators to detect malicious activity affecting the information technology systems and data in April 2015. At the beginning of May, DHS concluded that OPM’s data had been compromised.
“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” the agency said in a statement.
In addition to the 4 million individuals being notified by OPM, the agency said additional notifications could become necessary as the investigation continues. It is offering credit report access, credit monitoring and identify theft insurance and recovery services to potentially affected individuals through a company called CSID.
Separately, the FBI said it is investigating the issue.
The White House was considering a public announcement of the breach Thursday night or Friday morning, an official told the Associated Press.
The Office of Personnel Management is the human resources department for the federal government, and issues security clearances.
This would not be the first time hackers attempted to breach the federal agencies.
In December 2014, the government confirmed that the computer files of more than 40,000 federal workers may have been compromised by a cyberattack at federal contractor KeyPoint Government Solutions. KeyPoint became the largest private clearance firm working for federal agencies several months ago after rival contractor United States Investigative Services (USIS) lost its investigations business with the government following a devastating cyberattack reported earlier that year.
The USIS breach, similar to previous hacking episodes traced to China, tainted the files of at least 25,000 Department of Homeland Security workers and prompted the personnel office’s decision to halt all of USIS’ government field work. That move led to the cancellation of more than 00 million in contracts with USIS.
A wide-ranging strike reported in November compromised the data of more than 800,000 Postal Service workers. The personnel office itself was targeted earlier by cyberhackers traced to China.
Learn more here http://www.cnn.com/2015/06/04/politics/federal-agency-hacked-personnel-management/