This could be one of the most devastating blows yet struck in the shadowy First Cyber War. The Associated Press reports “the Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and employee records.”
A congressional aide familiar with the situation, who declined to be named because he was not authorized to discuss it, says the Office of Personnel Management and the Interior Department were hacked. A second U.S. official who also declined to be identified said the data breach could potentially affect every federal agency.
The White House was considering a public announcement of the breach Thursday night or Friday morning, the second official said.
The Washington Post says Chinese hackers were responsible for the breach, which may have affected the personal data of up to 4 million current and former government employees.
“The hack was the second major intrusion of the agency by China in less than a year,” reports the Post, which says the breach was actually discovered in April by the OPM, using new cybersecurity tools.
The data potentially exposed included employees’ job assignments, performance ratings and training, the officials said. The breach did not involve background or clearance investigations, they said.“Certainly, OPM is a high value target,” said OPM Chief Information Officer Donna Seymour, in an interview. “We have a lot of information about people, and that is something that our adversaries want.”
With that understanding, she said, within the last year “OPM has undertaken an aggressive effort to update our cybersecurity posture, adding numerous tools and capabilities to our networks. As a result of adding these tools, we were able to detect this intrusion into our networks.”
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” said the agency’s director, Katherine Archuleta, in a statement.
Having know since April that four million people might have had their secure information compromised, but keeping it a secret until June 5, left a large number of people exposed to potential hacker mischief for an awfully long period of time, with all due respect for the importance of keeping an ongoing investigation confidential.
An official who spoke to the Wall Street Journal said this could be “one of the largest thefts of government data ever seen.” The FBI and Department of Homeland Security are reportedly on the case.
“The Chinese embassy in Washington did not immediately respond to a request for comment,” writes the Journal. “In the past, its spokesman has noted it is notoriously difficult to identify the provenance of computer hackers.”
What happens if the FBI and DHS definitively trace this attack to a Chinese government operation? What happens if the hackers stole material even more sensitive than personal data on government employees?