The Office of Personnel Management announced Thursday that it is investigating a massive theft of federal employee data that could affect millions of both current and former employees.
By Thursday night, CNN was reporting that some officials believe they can trace the source of the giant hack to the Chinese government.
OPM said it detected a “cyber-intrusion” in April, and said that intrusion predated the adoption of tighter security controls. OPM, essentially the government’s human resources department, said it is working with the FBI and the Department of Homeland Security to assess the “full impact to federal personnel,” but said millions may have been affected.
“As a result of the incident, OPM will send notifications to approximately 4 million individuals whose PPI may have been compromised,” OPM said, referring to personally identifiable information.
“Since the investigation is ongoing, additional PII exposures may come to light; in that case, OPM will conduct additional notifications as necessary,” OPM said. The agency said it would offer credit monitoring and identify theft insurance to those affected.
Despite the huge potential theft of personal information, OPM Director Katherine Archuleta said keeping data safe is “of the highest priority at OPM.”
“We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted,” she said.
By Thursday night, members were starting to react.
Sen. Lindsey Graham, R-S.C., a presidential candidate, said the breach is another example of the U.S. “being walked over by rivals and adversaries.”
“The Obama administration’s failures in foreign policy and national security continue to pile up yet they do nothing to change course,” he said. “I fear a cyber ‘Pearl Harbor’ is increasingly more likely if we do not invest in the necessary infrastructure to protect our nation.”
“Today’s news that United States government systems were again breached demonstrates that cybersecurity must be one of our top priorities,” said Senate Intelligence Committee Chairman Richard Burr, R-N.C. “Every day, these attacks are getting more technically advanced and now another agency has been compromised.”
“We cannot continue to look the other direction,” he said. “Our response to these attacks can no longer simply be notifying people after their personal information has been stolen; we must start to prevent these breaches in the first place.”
Rep. Gerry Connolly, D-Va., tweeted that the breach “reinforces need for agencies to aggressively adopt proactive 24-7 cyber-security measures.”
OPM encouraged federal workers to monitor their accounts for possible suspicious activity and get a recent credit report.
News of the data breach was first reported late Thursday afternoon, sourced to an anonymous congressional aide who said OPM and the Interior Department were hacked. According to a second anonymous U.S. official, the data breach could potentially affect every federal agency.
Chinese hackers are suspected to be behind the data breach, which is currently being probed by the Federal Bureau of Investigation. OPM’s
The Wall Street Journal reported that one official called it the largest thefts of government data ever seen.
