Thursday, June 4, 2015

Breach in a Federal Computer System Exposes Personnel Data

from nytimes  





WASHINGTON — The Obama administration on Thursday announced what appeared to be one of the largest breaches of federal employees’ data, involving at least four million current and former government workers, in an intrusion that federal officials say apparently originated in China.
The personal data was held by the Office of Personnel Management, which handles government security clearances and federal employee records. The breach was detected in April, the office said, but it appears to have begun at least late last year.
The breach is the third major foreign intrusion into an important federal computer system in the past year.
Last year, the White House and the State Department found that their email systems had been compromised in an attack that has been widely attributed to Russian hackers. In that case, some of President Obama’s unclassified emails were apparently obtained by the intruders.
And last summer, the personnel office announced an intrusion in which hackers appeared to target the files on tens of thousands of employees who had applied for top-secret security clearance.
In that case, the objective seemed clear: The security clearances could help identify covert agents, scientists and others with data of intense interest to foreign governments. That breach appeared to involve Chinese hackers.
But the breadth of the latest attack was so much greater that the objective seemed less clear. It also came before the personnel office had fully put in place a series of new security procedures that restricted remote access for administrators of the network and reviewed all connections to the outside world through the Internet.
In acting too late, the personnel agency was not alone: The National Security Agency was also beginning to put in place new network precautions after its most sensitive information was taken by Edward J. Snowden.
The target in the latest breach appeared to involve Social Security numbers and other “personal identifying information,” which led the personnel office to tell current and former federal employees that they could request free credit reports to make sure that their identities had not been stolen.
It is unclear whether the breach was related to commercial gain or espionage.
The personnel agency said it was working with cybersecurity specialists from the Department of Homeland Security and the Federal Bureau of Investigation to assess the impact of the breach.
“Protecting our federal employee data from malicious cyberincidents is of the highest priority at O.P.M.,” Katherine Archuleta, the agency’s director, said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
Correction: June 4, 2015 
Because of an editing error, an earlier version of a summary with this article said incorrectly that the federal employees affected by the data breach worked for the Office of Personnel Management. The breach affected workers whose information was held by the Office of Personnel Management.

No comments:

Post a Comment