OPM Hack Was Criminal - Not China Government Sponsored
China's official Xinhua news agency said recently that an investigation into a massive US computer breach last year that affected more than 22 million federal workers found the hacking attack was criminal, not state-sponsored.
In an article about a meeting between top US and Chinese officials on cyber security issues held in Washington, Xinhua said the breach at the United States Office of Personnel Management (OPM) was among the cases discussed.
The report did not give details of who conducted the investigation, or whether, the US and Chinese officials, both agreed with the conclusion.
OPM has been under scrutiny from lawmakers and the public ever since it disclosed earlier this year that it had fallen victim to two cyber attacks, which officials have privately linked to Chinese hackers.
The intrusions exposed sensitive personal information, including names, Social Security numbers and addresses of more than 22 million current and former federal employees and contractors, in addition to 5.6 million fingerprints.
Top US and Chinese officials convened in Washington for the first round of cyber security talks following the signing of a bilateral anti-hacking accord in September. Talks recently were seen as potentially significant in establishing acceptable norms for cyber espionage.
China and the US reached a broad agreement on the joint fight against cyber crimes, and will set up a hotline for these issues, according to Xinhua and CCTV, China's state-operated national broadcaster.
CCTV said a spokesperson for the Department of Homeland Security declined to comment on any agreement. The next meeting is scheduled for next June, Xinhua said.
Along with the OPM hack, officials from the two countries identified other cases to work on, reached further consensus on fighting cyber terrorism and agreed on programs to boost the fight against cyber crimes, Xinhua said, without giving further details.
It also marks an ongoing effort to repair bilateral relations after China withdrew from a working group last year in response to the US indictment of five members of its military on charges it hacked six US companies.