- Influencer faces 20 years for hiring cousin to threaten man into giving up domain name 4 Years Ago
- ‘Avengers: Endgame’ isn’t actually the end of Marvel’s Phase 3 4 Years Ago
- ‘Star Trek: Discovery’ just obliterated every stupid argument about its place in canon Today 9:24 AM
- ‘Game of Thrones’ brings us lots of horny Tormund memes Today 8:46 AM
- 12 adult toys sex bloggers swear by Today 8:45 AM
- Howard Schultz mocked for ‘majority of Americans are Americans’ ad Today 8:35 AM
- The ultimate guide to strap-ons Today 8:00 AM
- Why ‘Ant-Man and the Wasp’ is my favorite Marvel movie Today 7:59 AM
- The quick and dirty guide to buying your first vibrator Today 7:45 AM
- How to watch ‘Live Rescue’ for free Today 7:00 AM
- Roger Stone to speak at Virginia strip club Today 6:56 AM
- Trans/Sex: Solid sex toy picks for pre-op and non-op trans women Today 6:30 AM
- Why Barrett Brown burned his National Magazine Award—and what he’s planning next Today 6:30 AM
- That heartbreaking ‘Game of Thrones’ song has key ties to the book Today 6:27 AM
- Here are the 11 best health documentaries on Netflix Today 6:00 AM
Largest cyberattack in U.S. government history exposed the records of 4 million employees
Uncle Sam gets pwned.
The Obama administration announced late Thursday that a cyberattack on the Office of Personnel Management (OPM) had exposed the personal information of up to four million current and former federal employees. The attack is believed to be the largest ever breach of the government’s computer systems.
OPM handles human resources for the entire federal government. The hackers are believed to stolen names, birthdates, and Social Security numbers, although the SSNs are likely encrypted. While OPM also handles highly sensitive security clearances, officials told NBC News that they don’t believe any CIA covert identities have been compromised.
OPM first discovered evidence of the breach in April.
Anonymous U.S officials told the Washington Post that they believed that the attack originated in China, and while they suggested it was state-sponsored, there is no evidence yet to support that claim.
Texas-based cybersecurity firm iSight Partners said that the hackers behind the OPM hack were also likely responsible for the theft of millions of patient records from healthcare giant Anthem Blue Cross. The company tied the two incidents together based on the similarities in the techniques used.
Chinese officials insisted to CNN that the county’s government had nothing to do with the attack.
“Cyberattacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify,” said Zhu Haiquan, a spokesperson for the Chinese embassy in Washington, D.C. “Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive.”
The OPM breach wouldn’t be the first time that China notorious hackers allegedly broken into the agency’s computer systems. In March 2014, hackers apparently traced to China were found to have targeted OPM computer systems containing information about the federal employees who had applied for top-secret security clearances.
OPM will be sending out notifications to everyone whose information was compromised on Monday. The agency will also provide free credit-monitoring and identity-theft insurance-and-recovery services to victims for 18 months.
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” Katherine Archuleta, the office’s director, said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
The Federal Trade Commission has posted a set of guidelines for affected government employees. The FTC urged victims to check their credit report for unfamiliar transactions on annualcreditreport.com and to place a fraud alert on their credit reports. OPM’s letters to theft victims will include a list of what information was exposed for each employee.
The attack on OPM is the second high-profile hack on U.S. government computers in recent weeks. Late last month, the Internal Revenue Service announced that hackers had taken advantage of a weakness in an application on the agency’s website to steal the personal information of over 100,000 American taxpayers.
While cyberattacks against the U.S. make the news with some regularity—like when Russian hackers compromised White House computers—virtual assaults against government systems are a daily occurrence. CNN estimated that there were nearly 61,000 cyberattacks and security breaches directed at government computers in 2014 alone.
Photo via Colin/Wikimedia Commons (CC BY SA 4.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.