US governmental investigators are scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee records, with suspicion quickly falling on China.
Chinese officials issued swift denials, with foreign ministry spokesman Hong Lei branding the accusations irresponsible and unscientific at a news briefing on Friday. “We know that hacker attacks are conducted anonymously, across nations, and that it is hard to track the source,” Hong said. “Its irresponsible and unscientific to make conjectural, trumped-up allegations without deep investigation.”
The hack was the largest breach of federal employee data in recent years. It was the second major intrusion of the same agency by China in less than a year and the second significant foreign breach into U.S. government networks in recent months.
The intruders in the OPM case gained access to information that included employees Social Security numbers, job assignments, performance ratings and training information, agency officials said. OPM officials declined to comment on whether payroll data was exposed other than to say that no direct-deposit information was compromised. They could not say for certain what data was taken, only what the hackers gained access to.
Investigators believe the attack is separate from a hacking incident detected last year at the Office of Personnel Management. That attack was far smaller, although officials didnt disclose at the time how many employees were affected.
The breach disclosed Thursday is the latest sign of the U.S. governments struggles to protect its own data, even though the Obama administration has spent much of the past year pushing companies to do a better job protecting their computer networks and sharing crucial intelligence on cyber weapons.
US Representative Adam Schiff, the ranking Democrat on the House select intelligence committee, said: “The last few months have seen a series of massive data breaches that have affected millions of Americans”.
He called the latest intrusion “among the most shocking because Americans may expect that federal computer networks are maintained with state-of-the-art defenses”.
“Its clear that a substantial improvement in our cyber databases and defenses is perilously overdue,” Schiff said.
Senate intelligence committee chairman Richard Burr said the government must overhaul its cybersecurity defenses. “Our response to these attacks can no longer simply be notifying people after their personal information has been stolen,” he said. “We must start to prevent these breaches in the first place”.