Scope of security breach under investigation, other breaches ‘may come to light,’ says Office of Personnel Management
A government agency said Thursday that it is notifying roughly 4 million individuals that hackers may have compromised their personal information.
The cyberattack against the Office of Personnel Management (OPM) was identified in April, and was carried out before the agency – responsible for processing security clearances and carrying out background checks for government employees and contractors – implemented efforts to improve security.
New tools that were acquired during the “aggressive effort” to update cybersecurity were used to identify the breach, the agency said in a statement.
OPM has teamed with the Department of Homeland Security and the FBI “to determine the full impact to federal personnel”, noting that more personal data “exposures may come to light” during the investigation.
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” Director Katherine Archuleta said in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
The Washington Post and Wall Street Journal reported that U.S. officials believe Chinese hackers are behind the breach.