- Sean Hannity busted deleting all his old Michael Cohen tweets 4 Years Ago
- Michael Cohen calls working for Trump ‘mental incarceration’ during sentencing 4 Years Ago
- Germany just experienced an enormous chocolate spill—and it looks absolutely delicious Today 10:58 AM
- A professor asked his students to go viral, and it actually worked Today 10:38 AM
- Family says racist bullying led to 9-year-old’s suicide Today 9:57 AM
- How ‘Spider-Man: Into the Spider-Verse’ found its eye-popping animation Today 9:15 AM
- Netflix gives Selena Quintanilla the series our queen deserves Today 8:51 AM
- Pence gets meme’d for zen-like looks during Trump’s White House showdown Today 8:50 AM
- Marvel is rebooting the Fantastic Four—with a major twist Today 8:11 AM
- Twitter dunks on conservatives who think Supergirl’s trans character is too ‘woke’ Today 8:09 AM
- Embrace the ’90s with this rad sale on Lisa Frank merch Today 8:04 AM
- How to find your best nine Instagram photos of 2018 before anyone else Today 6:00 AM
- How to watch Animal Planet online for free Today 6:00 AM
- White House frames fiery Oval Office meeting as ‘constructive dialogue’ Tuesday 5:45 PM
- Google CEO tells Congress why searching ‘idiot’ results in Trump images Tuesday 3:52 PM
Largest cyberattack in U.S. government history exposed the records of 4 million employees
Uncle Sam gets pwned.
The Obama administration announced late Thursday that a cyberattack on the Office of Personnel Management (OPM) had exposed the personal information of up to four million current and former federal employees. The attack is believed to be the largest ever breach of the government’s computer systems.
OPM handles human resources for the entire federal government. The hackers are believed to stolen names, birthdates, and Social Security numbers, although the SSNs are likely encrypted. While OPM also handles highly sensitive security clearances, officials told NBC News that they don’t believe any CIA covert identities have been compromised.
OPM first discovered evidence of the breach in April.
Anonymous U.S officials told the Washington Post that they believed that the attack originated in China, and while they suggested it was state-sponsored, there is no evidence yet to support that claim.
Texas-based cybersecurity firm iSight Partners said that the hackers behind the OPM hack were also likely responsible for the theft of millions of patient records from healthcare giant Anthem Blue Cross. The company tied the two incidents together based on the similarities in the techniques used.
Chinese officials insisted to CNN that the county’s government had nothing to do with the attack.
“Cyberattacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify,” said Zhu Haiquan, a spokesperson for the Chinese embassy in Washington, D.C. “Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive.”
The OPM breach wouldn’t be the first time that China notorious hackers allegedly broken into the agency’s computer systems. In March 2014, hackers apparently traced to China were found to have targeted OPM computer systems containing information about the federal employees who had applied for top-secret security clearances.
OPM will be sending out notifications to everyone whose information was compromised on Monday. The agency will also provide free credit-monitoring and identity-theft insurance-and-recovery services to victims for 18 months.
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” Katherine Archuleta, the office’s director, said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
The Federal Trade Commission has posted a set of guidelines for affected government employees. The FTC urged victims to check their credit report for unfamiliar transactions on annualcreditreport.com and to place a fraud alert on their credit reports. OPM’s letters to theft victims will include a list of what information was exposed for each employee.
The attack on OPM is the second high-profile hack on U.S. government computers in recent weeks. Late last month, the Internal Revenue Service announced that hackers had taken advantage of a weakness in an application on the agency’s website to steal the personal information of over 100,000 American taxpayers.
While cyberattacks against the U.S. make the news with some regularity—like when Russian hackers compromised White House computers—virtual assaults against government systems are a daily occurrence. CNN estimated that there were nearly 61,000 cyberattacks and security breaches directed at government computers in 2014 alone.
Photo via Colin/Wikimedia Commons (CC BY SA 4.0)
Aaron Sankin is a former Senior Staff Writer at the Daily Dot who covered the intersection of politics, technology, online privacy, Twitter bots, and the role of dank memes in popular culture. He lives in Seattle, Washington. He joined the Center for Investigative Reporting in 2016.