World

Cyberattack hits data of 4 million U.S. federal workers

Hackers broke into U.S. government computers, possibly compromising the personal data of four million current and former federal employees, and investigators were probing whether the culprits were based in China, U.S. officials said on Thursday.

Chinese Foreign Ministry spokesman says accusation is irresponsible

A law-enforcement official, speaking to Reuters on condition of anonymity, said a cyberattack against current and former U.S. federal workers was believed to have been launched from outside the United States. (Canadian Press)

Hackers broke into U.S. government computers, possibly compromising the personal data of four million current and former federal employees, and investigators were probing whether the culprits were based in China, U.S. officials said on Thursday.

Cyber investigators linked the breach to earlier thefts of healthcare records from Anthem Inc, the second largest U.S. health insurer, and Premera Blue Cross, a healthcare services provider.

In the latest in a string of intrusions into U.S. agencies' high-tech systems, the Office of Personnel Management (OPM) suffered what appeared to be one of the largest breaches of information ever on government workers. The office handles employee records and security clearances.

A U.S. law enforcement source told Reuters a "foreign entity or government" was believed to be behind the cyberattack. Authorities were looking into a possible Chinese connection, a source close to the matter said.

A Chinese Foreign Ministry spokesman said such accusations had been frequent of late and were irresponsible. Hacking attacks were often cross-border and hard to trace, he said.

The FBI said it was investigating and aimed to bring to account those responsible.

Several U.S. states were already investigating a cyberattack on Anthem in February that a person familiar with the matter said is being examined for possible ties to China.

John Hultquist of Dallas-based iSight Partners told Reuters that the latest attack on OPM and the earlier breaches at Anthem and Premera Blue Cross appear to have been the work of cyber-espionage hackers working on behalf of a state, not those focused on cybercrime.

He said they may have widened their net to gather personally identifiable information for more elaborate, finely-tuned attacks in the future. "This is usually done by criminals, but based on their behavior, we believe these are espionage actors," said Hultquist.

Comments

To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.