Insights & Reports
Illuminating the Dark Web
Presented By Amazon Web Services
Download Now
The Business Value of Google Security Operations
Presented By Google Cloud
Download Now
Defense Systems

A breakdown on the hack of 4 million federal employee records

It apparently came from China and affected nearly every federal agency, although uniformed military personnel are in the clear.

Kevin McCaney

|

The government on Monday will begin notifying 4 million current and former federal employees that their personal information could have been taken in a massive hack that investigators said apparently originated in China. Here are the essentials.

Who’s at risk: Officials said nearly every agency was affected, and that, because the investigation is ongoing, the number of people whose information was exposed could grow. However, uniformed military personnel are not affected, nor are those working in the legislative and judicial branches. Social Security numbers and other personal information were apparently targeted, although it’s uncertain whether goal was espionage or financial gain, the New York Times reported.

What was hacked: The data was held by the Office of Personnel Management, which conducts background checks and holds personnel data on federal employees, including those in the Defense Department. In 2005, checks on DOD employees were shifted to OPM from the Defense Security Service, a small agency that was having trouble keeping up with the surge in demand after 9/11. OPM succeeded in cutting the time for background checks down to the preferred 40 days, although some in Congress last year questioned whether the agency was sacrificing thoroughness for the sake of speed.  

When did the attack occur: The hack was discovered in April using the EINSTEIN detection system and announced by the administration June 4, although it apparently dates to sometime in 2014.

Who’s behind it? Although investigators said the attack originated in China, and that they suspect the Chinese government, they stopped short of publicly saying it was state-sponsored. The exact source of a cyber attack can be hard to attribute, because attacks can be routed through servers around the world and made to appear to come from somewhere else. China, for its part, called the accusations baseless.

But China is suspected of building a massive database on Americans, for unknown reasons, and the U.S. has pointed a finger at the country before. In fact, in July 2014 U.S. officials blamed China for another hack of OPM databases, apparently in search of information on people applying for top secret clearances. And in May 2014, the Justice Department filed espionage charges against five Chinese military officials.

What’s next? OPM expects to take from June 8 to June 19 to notify all 4 million employees whose data was compromised. Meanwhile, it is offering advice on how people can monitor their personal and financial data, including where to get a free credit check. The office also offers a standard list of dos and don’ts on how to avoid becoming a victim. One use hackers can make of personal information is to apply it to phishing attacks, which are the most common vector in attacks on government networks.

NEXT STORY: Navy's third high-bandwidth satellite ready for duty