Second Hack of US Federal Records

580x391
 
As many as 14 million current and former civilian US government employees had their personal information exposed to hackers, according to two people who were briefed on the investigation. 
 
This represents a far higher figure than the 4 million the Obama administration initially disclosed and coming amid an apparent second cyber breach that officials said was linked to China.
 
The newer estimates put the number of compromised records at between 9 million and 14 million going back to the 1980s, said one congressional official and one former US official, who spoke to the Associated Press on condition of anonymity because information disclosed in the confidential briefings includes classified details of the investigation.
 
There are about 4.2 million federal employees, so the majority of the records exposed relate to former employees. Contractor information also has been stolen, officials said.
 
The latest revelation came a day after a major union said the cyber theft is more damaging than it first appeared, asserting that hackers stole personnel data and social security numbers for all the federal workers in a central personnel database.
Several US officials also said hackers linked to China appear to have gained access to sensitive background information submitted by intelligence and military personnel seeking security clearances. The break is the second digital breach of federal records revealed in a week and could dramatically compound the potential damage.
 
The forms believed accessed, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of US intelligence employees to coercion. The applicant’s social security number and that of his or her cohabitant are required.
 
Regarding the new user total affected by the main breach, the Obama administration had acknowledged that up to 4 million current and former employees whose information resides in the Office of Personnel Management (OPM)s server are affected by the December cyber breach, but it had been vague about exactly what was taken. But J David Cox, president of the American Federation of Government Employees, said in a letter Thursday to OPM director Katherine Archuleta that based on incomplete information OPM provided to the union, “we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees”.
 
The OPM data file contains the records of most federal civilian employees, though not members of Congress and their staffs, members of the military or staff of the intelligence agencies.
 
The union believes the hackers stole military records and veterans’ status information, address, birth date, job and pay history, health insurance, life insurance and pension information, and age, gender and race data, he said.
Senate Democrat leader Harry Reid said that the hack was carried out by “the Chinese” without specifying whether he meant the Chinese government or individuals. Reid is one of eight lawmakers briefed on the most secret intelligence information. US officials have declined to publicly blame China, which has denied involvement.
 
 “We believe that social security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous,” Cox said in the letter. 
 
Schumach addressed Cox’s comment on encryption. “Though data encryption is a valuable protection method, today’s adversaries are sophisticated enough that encryption alone does not guarantee protection,” he said. “OPM does utilize encryption in some instances and is currently increasing the types of methods utilized to encrypt data.”
The central personnel data file contains up to 780 separate pieces of information about an employee.
 
Cox complained in the letter that, “very little substantive information has been shared with us, despite the fact that we represent more than 670,000 federal employees in departments and agencies throughout the executive branch”.
The union’s release and Reid’s comment in the Senate put into sharper focus what is looking like a massive cyber espionage success by China. Republican senator Susan Collins, an intelligence committee member, has also said the hack came from China.
 
Mike Rogers, the former chairman of the House intelligence committee, said last week that Chinese intelligence agencies have for some time been seeking to assemble a database of information about Americans. Those personal details can be used for blackmail, or also to shape bogus emails designed to appear legitimate while injecting spyware on the networks of government agencies or businesses Chinese hackers are trying to penetrate.
 
US intelligence officials say China, like the US, spies for national security advantage. Unlike the US, they say, China also engages in large-scale theft of corporate secrets for the benefit of state-sponsored enterprises that compete with Western companies. Nearly every major US Company has been hacked from China, they say.
 
Chinese government-backed computer hackers repeatedly breached the networks of US military contractors including airline, shipping and technology firms involved in the movement of soldiers and equipment, an investigation by the US Senate has found.
 
Released by the Senate Armed Services Committee following a year of investigation, the report suggests there were 20 infiltrations into networks of military contractors between June 2012 and May 2013. The information accessed included details about military strategy and logistics, which could be used to disrupt US forces operations.
 
The Senate investigation also suggests poor practice surrounding reporting requirements within the US government is at least partially responsible for the authorities remaining unaware that the computer networks of their contractors had been compromised.
 
Speaking at the launch of the report, Carl Levin, Democratic Senator of Michigan and chairman of the Senate Armed Services Committee, suggested it is still impossible to know if hackers from China or elsewhere are currently accessing US networks.
 
Levin also warned that the report provides clear evidence that Chinese authorities are actively attempting to engage in cyber-espionage.
 
However, Geng Shuang, spokesman for the Chinese embassy in Washington, questioned the findings of the Senate's report, insisting that China isn't involved in any sort of cyber-espionage. "Judging from past experience, those kinds of reports and allegations are usually based on fabricated facts and groundless," Shuang said.
 
Guardian:         Ein News
 
« The Brave New World of Cybersecurity
MI6: Snowden Files Hacked to Find Western Spies »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

IP Performance

IP Performance

IP Performance Limited is a leading supplier of customised network infrastructure and security solutions.

Lumeta

Lumeta

Lumeta’s cyber situational awareness platform is the unmatched source for enterprise network infrastructure analytics and security monitoring for breach detection.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

Stott & May

Stott & May

Stott & May is a specialist cyber security recruitment agency.

MD5

MD5

MD5 is a leading UK provider of Digital Forensic & eDiscovery services to large multi-national corporate businesses, Law Enforcement & Government Agencies, high profile legal firms.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

BooleBox

BooleBox

Boolebox is the innovative suite of enterprise data protection applications that preserve the integrity and confidentiality of data from any unauthorized access.

Digital Arts

Digital Arts

Digital Arts provides internet security software and appliance products for companies and individuals.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

ISTC Foundation

ISTC Foundation

ISTC Foundation is one of the leading innovation centers in Armenia, founded by joint initiative of IBM, USAID, Armenian Government and Enterprise Incubator Foundation.

Globant

Globant

Globant is an It and software development company. We leverage the latest technologies and methodologies to help organizations transform in every aspect, including software security.

Dutch Institute for Vulnerability Disclosure (DIVD)

Dutch Institute for Vulnerability Disclosure (DIVD)

DIVD's aim is to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Diversified Search Group - Alta Associates

Diversified Search Group - Alta Associates

Diversified Search Group is an industry leader in recruiting diverse, inclusive and transformational leadership for clients.

eGeneration

eGeneration

eGeneration is one of the leading technology solutions and system integration companies in Bangladesh.