The US on Thursday reported the largest ever cyber-breach at one of its government agencies that recruits and trains federal employees and, thus, has sensitive information about them.
Officials pointed to China as the source of the hacking but had not formally blamed its government for it till many hours after the announcement, despite persisting media reports.
The breach was discovered this past April but, according to official sources quoted in local media reports, it’s believed to have started late last year, possibly December.
“The US Office of Personnel Management (OPM) recently became aware of a cybersecurity incident affecting its systems and data that may have compromised the personal information of current and former Federal employees,” the department said in a statement.
It added that “Personally Identifiable Information was potentially compromised” for approximately 4 million federal employees.
This is the second instance of breach of this department — last summer — also traced to China. Hacked information pertained to employees who had applied for top-secret security clearances.
In another instance, hackers traced to Russia managed to get into the White House network and access emails sent by President Barrack Obama, though his personal account remained safe.
Social Security Numbers, unique personal identification numbers for people living in the United States legally, seemed to have been the target of the hacking reported on Thursday.
China said on Friday that any allegations that it was involved in breaking into US government computers are irresponsible. Chinese foreign ministry spokesperson Hong Lei said at a regular news briefing that Beijing hopes the US would be “less suspicious and stop making any
unverified allegations, but show more trust and participate more in cooperation”.
The United States has long suspected Chinese hackers, some state-sponsored, of repeatedly breaching government networks and those of private companies.
It charged five Chinese military personnel last may — by name — with hacking computers of American companies to steal non-public commercial information.
And in a move that is bound to elicit strong reaction — possibly even retaliatory measures — from Beijing, the US alleged those hits were authorised by the Chinese government.
That was the first time the US had charged state actors with cyber espionage, and many countries including India, which have been victims of Chinese hackers, will be watching.
“For too long, the Chinese government has blatantly sought to use cyber espionage to obtain economic advantage for its state-owned industries,” the FBI had said then.
On Thursday, the bureau said. “We take all potential threats to public and private sector systems seriously and will continue to investigate and hold accountable those who pose a threat in cyberspace.”
(With agency inputs from Beijing)