Chinese hackers had access to millions records of US workers

US Government announced that a major data breach likely backed by Chinese hackers caused the exposure of data belonging to millions of government workers.

Once again a data breach interested systems of the US government, the Obama administration on Thursday confirmed to have been the victim of a major cyber attack. According to the US Government the data breach is one of the largest breaches of federal employees’ data, data belonging to more than four million current and former government workers were exposed in the attack that was apparently originated in China. The attackers accessed individual personal identifying information (PII), including Social Security numbers, the violation begun at least late last year despite it was uncovered only in April.

The US Government hasn’t confirmed officially that Chinese hackers are behind the attack, neither the motivation of the intrusion. It is very difficult to definitively attribute the source of cyber attacks and establish is the bad actors are cybercriminals or state-sponsored hackers.

“The Obama administration on Thursday announced what appeared to be one of the largest breaches of federal employees’ data, involving at least four million current and former government workers in an intrusion that officials said apparently originated in China.” reported The New York Times.

The data breach affected US personnel whose information were held by the Office of Personnel Management, the office which handles government security clearances and federal employee records.

Last year, the White House and the State Department was breached by alleged Russian hackers meanwhile Chinese hackers violated systems at personnel office announced stealing files of thousands of  Federal employees.

The disconcerting aspect of the story is that despite the attacks follow each other with increasing frequency, the counter does not seem to be enough to contain intrusions.

All the agencies of the Government are investigating on the case,  according to the NYT, the Department of Homeland Security’s emergency cyberteam had been already using an antihacking system called Einstein.

“[Einstein] alerted the agency to the potential compromise of federal employee data, S. Y. Lee, a spokesman, said in a statement.” reports the NYT.

“We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace,” Joshua Campbell, a FBI spokesman, said in a statement.

The US Government intends to offer to the users impacted by the data breach 18 months of free credit monitoring to protect them from online fraud, but there is the risk that the stolen data could be used by Chinese hackers for lateral movements in the Government network and to penetrate further systems.

“Protecting our federal employee data from malicious cyberincidents is of the highest priority at O.P.M.” said Katherine Archuleta, the personnel agency’s director.  “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted,” 

Stay Tuned ….

Pierluigi Paganini

(Security Affairs –  US Government, Data Breach, Chinese hackers)