4 million federal workers victimized by hack

http://thehill.com/policy/cybersecurity/244084-hackers-make-off-with-4-million-federal-employees-data

Roughly 4 million current and former federal employees have had their data exposed by a hack, the Obama administration said Thursday.The notification from the Office of Personnel Management (OPM) was short on details, but it appears troves of sensitive information had been pilfered.

Separate media reports cited China as being behind the massive hack.“Protecting our Federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM Director Katherine Archuleta. “We take very seriously our responsibility to secure the information stored in our systems.”The FBI said it had opened up an investigation into the breach, which The Wall Street Journal reported is believed to have come from hackers in China.

An unnamed U.S. official told NBCNews that the data breach might touch every federal agency. Some Senate leaders appeared aware of the incident throughout the day, but said they had not been briefed. "I’ve heard bits and pieces, but I don’t know anything about it," Senate Intelligence Committee Chairman Richard Burr (R-N.C.) told The Hill. A Department of Homeland Security spokesman said it noticed “malicious activity affecting its information technology (IT) systems and data in April.”After investigating, DHS officials concluded in early May that OPM data had been compromised.The OPM then took steps to install new security measures, restricting access of network administrators and reducing remote access.

This is not the first time OPM has stumbled with protecting personnel data. The agency was also breached last year. It appears the most recent incident was unrelated to that intrusion, although Chinese hackers are suspected in both instances.Administration officials held a conference call Thursday night with federal employee unions to discuss the breach, a few hours after they initially notified the unions of the incident.


“It is vital to know as soon as possible the extent to which, if any, personal information may have been obtained so that affected employees can be notified promptly and encouraged to take all possible steps to protect themselves from financial or other risks,” said Colleen Kelley, national president of the National Treasury Employees Union (NTEU), represent 150,000 employees across 31 federal agencies and departments.

Last edited by Common Sense (6/04/2015 5:32 pm)