The U.S. is investigating a massive data breach that exposed personal information on around 4 million federal government workers, according to news reports Thursday.
China is suspected of having a hand in the attack, described by an unnamed official as "one of the largest thefts of government data ever seen," the Wall Street Journal reported.
The attack targeted the Office of Personnel Management, a government agency tasked with hiring and retaining government workers. The same agency was breached last year, but this was apparently a separate attack.
The Department of Homeland Security confirmed the breach, saying data from OPM and the Interior Department were compromised at the beginning of last month, according to the Associated Press.
The OPM conducts the vast majority of background checks on government employees, and a big question is whether information about intelligence agency workers was exposed.
Last year, OPM and the Department of Homeland Security stopped doing background checks through a contractor in Virginia, after the contractor said its networks had been breached in what looked like a state sponsored attack. That incident was apparently unrelated to this latest hack.
The FBI is investigating to determine which federal agencies were affected, though it could potentially be all of them, news reports said.
China is often a suspect in state-sponsored attacks, but it's unclear how much evidence points to that country on this occasion. Unnamed U.S. officials told the Journal that China is a suspect, but they also said the investigation continues. The Journal notes that it's notoriously hard to identify the origin of attacks.
The Department of Homeland Security said its intrusion detection system, known as Einstein, detected the attack and that the FBI is investigating, the AP reported.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.