Latest hack of US government personnel data worries Washington

Cyber attack at Office of Personnel Management has exposed up to 18 million workers

Office of Personnel Management in Washington: data on millions of US government workers has been hacked. Photograph: Shawn Thew/EPA
Office of Personnel Management in Washington: data on millions of US government workers has been hacked. Photograph: Shawn Thew/EPA

Rarely has a computer hack of personal information, allegedly by agents of a foreign government, caused such a stir in Washington DC.

A breach at the Office of Personnel Management (OPM) has exposed millions of Americans working for the US federal government to the very secrets the office itself has tried to understand and keep out of foreign hands. It was one of the biggest thefts of government records.

The office said at the start of last month it became aware of a “massive breach” of personal data belonging to millions of past and current government workers in April.

It was reported this week more than 10 million individuals could be affected. The Federal Bureau of Investigation says the number could be as high as 18 million.

READ SOME MORE

US officials have said they believe hackers in China are behind the data breach. Beijing has called the claim "irresponsible".

The OPM is in effect the human resources department of the US government, compiling a variety of personal information on individuals and sanctioning security clearances for millions of workers.

Sensitive data

The information collected can include everything from past illegal acts of government employees to foreign nationals they know, from money troubles and financial issues to drug and alcohol abuse.

The system was set up in the aftermath of the September 11th, 2001, attacks to create a central electronic database so government officials could be checked before being granted access to secret information.

Hackers attacked the office on two occasions – the first involved the theft of personnel records and the second security clearance forms.

The Obama administration was criticised by congressional leaders for only disclosing the security-clearance theft, believed to have taken place over years, a week after the personnel files were breached.

Republican congressman Jason Chaffetz, chairman of the House of Representatives oversight and government reform committee, has called on OPM director Katherine Archuleta to resign over the affair.

The theft was a "major counterintelligence loss" for the US intelligence community, said John Hultquist, senior manager of cyber espionage threat intelligence at Dallas security firm iSight Partners.

“It is a big deal,” he said. “Much of what has been taken are historical and background details that our own government looks to identify and evaluate prior to granting security clearances to understand what an adversary would want to know or might be able to utilise, influence or extort in national security for theft.”

Blueprint of targets

Mr Hultquist believes that the hackers might be creating a large database and pairing this data into a blueprint of targets and “how to approach them and take advantage of them”, he said.

The cyber break-in is the latest in a succession of high-profile hacks of government agencies and American companies, the most notorious being North Korea's hacking of Hollywood studio Sony Pictures.

In November, the department of homeland security was hacked, exposing information relating to 25,000 employees.

This week the OPM temporarily suspended a programme that it uses to complete background investigations for four to six weeks, so that security can be improved. Some workers have been issued with new means of collecting information to protect their personal data.

President Barack Obama has identified cyber security as one of the most serious economic and national security challenges to the US.

Declaring cyber attacks a “national emergency” in an executive order signed in April, Mr Obama said: “We’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks or stealing trade secrets of American companies or the personal information of American citizens for profit.”

Despite the notice, the hacking attempts continue unabated.

Simon Carswell

Simon Carswell

Simon Carswell is News Editor of The Irish Times