US Government Hacked – 4 Million Personnel Records Stolen
Office of Personnel Management Breach – 1.5 Million Serving Military Personnel Records Amongst Records Stolen – Chinese Hackers Suspected
Chinese hackers are suspected of stealing over 4 million personal, government records from the Office of Personnel Management (OPM), in one of the largest breaches of US Government security. US officials have launched a detailed investigation, and the issue is driving a wedge between the two countries in the aftermath of the hack. The OPM acts as the Human Resources arm of dozens of federal agencies, handling salary and pension payments, and training.
Stolen records may contain exceptionally sensitive information regarding military and clandestine personnel.
The investigation is in its infancy at this stage, but the political fallout is being felt across the country and not just in Washington D.C., and while China is strongly suspected to be the culprit, it isn’t exactly clear yet.
What is clear is that this is the largest theft of government data in history.
Something has to change.
The United States and China have frequently clashed over cyber-security, with the former accusing both the Chinese government and military of stealing economic secrets from American businesses. The Chinese have strongly denied these allegations, and claims it is itself the victim and target of hacking attempts.
It isn’t only the Chinese who are suspected of launching multiple cyber-attacks though, with Russian hackers suspected of perpetrating a long-running data security breach at the Department of State. In that disturbing instance, the Department of State announced back in February 2015 it had up to that date been unable to prevent or remove Russian hackers from an unclassified email system. This was even after assistance from clandestine agencies and private companies and consultants working the issue.
Coming hard on the heels of the IRS data breach we reported on last week, where over 100,000 detailed taxpayer records were stolen, this instance simply underlines the need for the US Government to firm up cyber security.
While these two breaches affect government data, they still pale in comparison with private sector breaches. Anthem Inc, the major health insurer reported earlier this year that as many as 80 million customers and patient records may have been compromised. Last year, Home Depot announced that approximately 56 million credit cards data records may have been stolen, during a prolonged 5 month attack.
A major difference with the OPM hack, is that over a million stolen records (possibly 1.5 million) pertain to uniformed, serving military personnel.
There is also some comfort to be found in this situation: the breach has been discovered.
In many instances, data theft goes unnoticed, sometimes for months and years, and certainly there is a significant number, which cannot be quantified, of hacks which go unnoticed. In the OPM case, a detection and intrusion system, known as Einstein, detected the breach.
Nevertheless, this is very cold comfort and Rep. Adam Schiff of California, the ranking Democrat on the House Permanent Select Committee on Intelligence, said,
“[the breach is] among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defenses.”
OPM is meanwhile taking immediate measures to strengthen security, reducing remote access to both networks and data, as well as deploying anti-malware. In addition, there is the usual offer of identity theft and fraud protection services being offered at no cost to affected employees.
Underlining all of this, is the overriding imperative to ensure data is protected: it is clear the US Government offices have not been keeping themselves on top of data protection, despite the current Administration exhorting the private sector to do so.
Cyber-security is a serious and necessary need – you would never leave your car unlocked with the keys in the ignition, or go on vacation and leave the your doors and windows wide open for a couple of weeks.
So why do so many leave their network and data unlocked?
About Swift Systems – Data Protection and Network Security Specialists
Swift Systems is a veteran-owned IT security specialist, operating its own data center and helps secure government and highly;y-sensitive private sector data and networks.
Call Al Dieter for a no-obligation consultation on your network security today, or use this form to request more information.
Call: 301.682.5100
(1 votes, average: 5.00 out of 5)
Loading...Let our Specialists take care of your IT Support
The Owner’s Guide to Lean IT
IT systems are foundational to modern businesses. Too often, that foundation is unsteady. Unpredictable outages, insecure networks, and unreliable performance from mission-critical systems can jeopardize your entire business.
There’s a better way. Learn how.
Get in touch with us for a free consultation with one of our technical experts. We’ll review your current systems, assess your needs, and identify the coverage options to best meet them.
Get in touch with us by phone: