In an announcement made on its website last night, the Office of Personnel Management revealed that it recently became aware of a massive cyber security data breach made in April and affecting more than four million current and former federal employees.
Between June 8 and June 19, affected federal employees can expect an email stated their information was among that breached. Employees will receive free credit monitoring and identity theft protection.
U.S. officials are saying China is behind the attack, believed to be the largest breach of the government’s computer networks. The Washington Post quoted U.S. officials as saying the intrusion appeared to be state-sponsored, and is likely part of an ongoing effort by hackers in the Chinese military to create a database of federal government employees. This is the second OPM breach by Chinese hackers in the past year.
Officials say the data breach did not include information gathered for federal background investigations or information specific to employees applying for security clearances, OPM officials stated. Information that was breached includes social security numbers, job assignments and performance ratings.
Federal law makers have been quick to criticize OPM for the attacks in the face of two major, state-sponsored breaches.
“It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees,” said Sen. Ron Johnson (R-Wis.), chairman of the Senate Homeland Security and Governmental Affairs Committee. “It is even more troubling that this is only the latest in a series of cyberattacks on the Office of Personnel Management (OPM). OPM says it ‘has undertaken an aggressive effort to update its cybersecurity posture.’ Plainly, it must do a better job, especially given the sensitive nature of the information it holds.”
