Chinese hackers have been accused of stealing data relating to more than 4m existing and former US government workers in a massive breach that could potentially affect every federal agency.
The breach has been confirmed by the Office of Personnel Management (OPM), which said that the data stolen includes personally identifiable information.
OPM is in effect the human resource department of the US government and the scale of the attack in terms of the number of individuals that could be affected is breathtaking.
The OPM has partnered with the US Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the FBI to determine the full impact of the attack.
The OPM has responded by restricting network administration functions and reviewing all connections to outside networks as well as deploying anti-malware procedures.
Identity theft risk
To mitigate the risk of fraud against the workers, OPM is offering credit report access and is working with specialist firm CSID, which offers up to US$1m in identity theft protection.
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” said OPM director Katherine Archuleta.
“We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
Potentially affected workers are being urged to monitor their finances and be vigilant in case of identity theft.
The breach is understood to have occurred in April and investigators suspect hackers in China are responsible for the attack.
The Chinese Embassy in Washington has, however, warned against jumping to conclusions that the attack emanated from China.
Hacker image via Shutterstock