Millions of US government workers hit by data breach
Staff Writer | Friday June 5, 2015 06:00
The Office of Personnel Management (OPM) confirmed that both current and past employees had been affected.The breach could potentially affect every federal agency, officials said.US officials said the hackers were believed to be based in China.
Beijing responded by calling such claims 'irresponsible'.OPM said it became aware of the breach in April during an 'aggressive effort' to update its cyber security systems.It said it would be contacting all those individuals whose personal data may have been breached in the coming weeks, and offering them 18 months of free credit monitoring and identity theft insurance.OPM serves as the human resource department for the federal government.
The agency issues security clearances and compiles records of all federal government employees.Information stored on OPM databases includes employee job assignments, performance reviews and training, according to officials.The breach did not involve background checks and clearance investigations, officials said.
Analysis by Tom Bateman, BBC News, Washington
It is the scale of what the OPM calls a 'cyber intrusion' in April this year that is breathtaking - the records of four million former and current government employees may have been breached.
The agency is contacting all of those potentially affected, offering to insure them against identity fraud. Of even greater concern may be the fact that security clearance information on government officials could have been targeted.
US officials are only too aware of the real damage caused by such virtual threats. In the past year, a growing number of government agencies and companies - most notoriously Sony Pictures - have fallen victim to such attacks.
Susan Collins, a member of the Senate Intelligence Committee, said the hackers were believed to be based in China.
She called the breach 'yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances'.
But China denied there was any official involvement in the attack.
'Cyber attacks are generally anonymous and conducted across borders and their origins are hard to trace,' foreign ministry spokesman Hong Lei said at a regular briefing.
'Not to carry out a deep investigation and keep using words such as 'possible' is irresponsible and unscientific.'
The FBI and the Department of Homeland Security are said to be investigating the latest breach.
Ken Ammon, chief strategy officer of Xceedium - a cyber security firm - warned that the hacked data could be used to impersonate or blackmail federal employees with access to sensitive information.
Congressman Adam Schiff has called for cyber databases to be upgraded.
Americans 'expect that federal computer networks are maintained with state of the art defences', Mr Schiff said.
'The cyber threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily basis, and it's clear that a substantial improvement in our cyber databases and defences is perilously overdue.'