Cyber investigators linked the breach to earlier thefts of
healthcare records from Anthem Inc, the second largest U.S. health
insurer, and Premera Blue Cross, a healthcare services provider.
In the latest in a string of intrusions into U.S. agencies'
high-tech systems, the Office of Personnel Management (OPM) suffered
what appeared to be one of the largest breaches of information ever
on government workers. The office handles employee records and
security clearances.
A U.S. law enforcement source told Reuters a "foreign entity or
government" was believed to be behind the cyber attack. Authorities
were looking into a possible Chinese connection, a source close to
the matter said.
A Chinese Foreign Ministry spokesman said such accusations had been
frequent of late and were irresponsible. Hacking attacks were often
cross-border and hard to trace, he said.
The FBI said it was investigating and aimed to bring to account
those responsible.
Several U.S. states were already investigating a cyber attack on
Anthem in February that a person familiar with the matter said is
being examined for possible ties to China.
John Hultquist of Dallas-based iSight Partners told Reuters that the
latest attack on OPM and the earlier breaches at Anthem and Premera
Blue Cross appear to have been the work of cyber espionage hackers
working on behalf of a state, not those focused on cybercrime.
He said they may have widened their net to gather personally
identifiable information for more elaborate, finely-tuned attacks in
the future. "This is usually done by criminals, but based on their
behavior, we believe these are espionage actors," said Hultquist.
MALICIOUS ACTIVITY
OPM detected new malicious activity affecting its information
systems in April and the Department of Homeland Security said it
concluded at the beginning of May that the agency's data had been
compromised and about 4 million workers may have been affected.
The agencies involved did not specify exactly what kind of
information was accessed.
The breach hit OPM's IT systems and its data stored at the
Department of the Interior's data center, a shared service center
for federal agencies, a DHS official said on condition of anonymity.
The official would not comment on whether other agencies' data had
been affected.
OPM had previously been the victim of another cyber attack, as have
various federal government computer systems at the State Department,
the U.S. Postal Service and the White House.
Chinese hackers were blamed for penetrating OPM's computer networks
last year, and hackers appeared to have targeted files on tens of
thousands of employees who had applied for top-secret security
clearances, the New York Times reported last July, citing unnamed
U.S. officials.
"The FBI is working with our inter-agency partners to investigate
this matter," the bureau said in a statement. "We take all potential
threats to public and private sector systems seriously, and will
continue to investigate and hold accountable those who pose a threat
in cyberspace."
The U.S. government has long raised concerns about cyber spying and
theft emanating from China and has urged Beijing to do more to curb
the problem.
Chinese Foreign Ministry spokesman Hong Lei told a regular daily
news briefing in Beijing that China hoped the United States would
have more trust and cooperate more.
[to top of second column] |
"Without first thoroughly investigating, always saying that 'it's
possible', this is irresponsible and unscientific," said Hong.
There was no comment from the White House.
Since the intrusion, OPM said it had implemented additional security
precautions for its networks. It said it would notify the 4 million
employees and offer credit monitoring and identity theft services to
those affected.
RASH OF ATTACKS
"The last few months have seen a series of massive data breaches
that have affected millions of Americans," U.S. Representative Adam
Schiff, the ranking Democrat on the House Permanent Select Committee
on Intelligence, said in a statement.
Tens of millions of records may have been lost in the attacks on
Anthem and Premera Blue Cross.
iSight's Hultquist said similar methods, servers and habits of the
attackers pointed to one state-sponsored group being responsible for
all three breaches.
The largest federal employee union said it was working with the
administration to ensure measures were taken to secure the personal
information of affected employees. "AFGE will demand
accountability," American Federation of Government Employees
President J. David Cox Sr. said in a statement.
In April, President Barack Obama responded to a growing rash of
attacks aimed at U.S. computer networks by launching a sanctions
program to target individuals and groups outside the United States
that use cyber attacks to threaten U.S. foreign policy, national
security or economic stability.
The move followed indictments of five Chinese military officers who
were charged with economic espionage. U.S. officials also pointed
the finger directly at North Korea for a high-profile attack on Sony
over a film spoof depicting the assassination of North Korea's
leader.
China has routinely denied accusations by U.S. investigators that
hackers backed by the Chinese government have been behind attacks on
U.S. companies and federal agencies.
U.S. military officials have become increasingly vocal about cyber
espionage and attacks launched by China, Russia and other rivals. A
Pentagon report in April said hackers associated with the Chinese
government repeatedly targeted U.S. military networks last year
seeking intelligence.
(Additional reporting by Doina Chiacu, Mark Hosenball, Peter Cooney
and Jeff Mason; Writing by Matt Spetalnick; Editing by David
Gregorio and Alex Richardson)
[© 2015 Thomson Reuters. All rights
reserved.]
Copyright 2015 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |