The Chinese cyberwar on the United States continued to ramp up on Thursday as the federal government began notifying millions of employees that their information had been stolen by hackers, who attacked government’s human resources system.
While the feds are working to assess the impact of the massive data breach, Chinese hackers are confirmed to be behind the data breach, Dow Jones reported, citing sources.
“The FBI is working with our inter-agency partners to investigate this matter. We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace,” an FBI spokesman said.
A congressional aide familiar with the situation said the Office of Personnel Management (OPM and the Interior Department were compromised. Another U.S. official said the data breach could potentially affect every federal agency, making it the largest compromise of government records in history.
The OPM currently plans to notify over 4 million individuals whose identity information may have been compromised in the breach, the agency said in a statement.
“Since the investigation is on-going, additional PII exposures may come to light; in that case, OPM will conduct additional notifications as necessary,” the agency said.
The White House was considering making a statement concerning the breach and was eyeing Thursday evening or Friday morning to do so.
The OPM is effectively the human resources department for the federal government, responsible for employee payroll records. It also handle security clearances, which may have been part of the information targeted.
The breach was discovered in April yet is only notifying users now.
The huge time delay means that millions of Americans could have been victims of fraud in the period between when the breach was discovered and when they were notified.
Such long lag times are the target of data breach notification legislation, which is already law in some states. Its unclear whether a federal agency would be subject to such legislation even if it was enacted on a federal level.
Stay Connected
