Hackers linked to the Chinese government broke into U.S. government computer systems in December, allowing them to access personal and professional data files for about four million current and former federal employees, U.S. officials said Thursday.
The Office of Personnel Management (OPM) discovered the massive data breach in April while updating its cybersecurity defenses, “adding numerous tools and capabilities to (its) networks,” Donna Seymour, the OPM’s chief information officer, told the Washington Post.
“As a result of adding these tools, we were able to detect this intrusion into our networks,” she added.
The OPM was updating its network security in response to another data breach that it discovered in March 2014. In that breach, hackers also linked to the Chinese state broke into files containing sensitive data on federal employees applying for security clearances, including financial data, employment history, family details, and other personal information.
In the recently discovered December breach, Chinese hackers broke into an OPM center at the Department of the Interior, accessing information for about four million federal employees, including social security numbers, job assignments, job performance ratings, training information, and possibly payroll information.
According to the Washington Post, the information hackers obtain “could be useful in crafting ‘spear-phishing’ e-mails, which are designed to fool recipients into opening a link or an attachment so that the hacker can gain access to computer systems. Using the stolen OPM data, for instance, a hacker might send a fake e-mail purporting to be from a colleague at work.”
Last spring, the U.S. announced it was indicting five Chinese military officials for their involvement in an economic cyberespionage scheme targeting the computers of major U.S. companies, stealing project plans, economic data, sensitive negotiating details, and other information that could give them leverage over the U.S. in some way.
Austin Berglas, head of cyber investigations at K2 intelligence and a former top cyber official with the FBI’s New York field office, told the Washington Post that “China is everywhere.”
“They’re looking to gain social and economic and political advantage over the United States in any way they can. The easiest way to do that is through theft of intellectual property and theft of sensitive information.”