'OPM hack: China blamed for massive breach of US government data' diff viewer (1/2)

This article is from the source 'guardian' and was first published or seen on June 04, 2015 21:54 (UTC). It last changed over 40 days ago and won't be checked again for changes.

You can find the current article at its original source at http://www.theguardian.com/technology/2015/jun/04/us-government-massive-data-breach-employee-records-security-clearances

The article has changed 9 times. There is an RSS feed of changes available.

Previous version 1 2 3 4 5 6 7 8 Next version

Previous version 1 2 3 4 5 6 7 8 Next version

Version 1	Version 2
US officials report massive data breach at federal human resources agency	US officials report massive data breach at federal human resources agency
2015-06-04 22:36:43 UTC	2015-06-05 02:35:31 UTC (about 4 hours later)
~~The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee ~~records.~~~~	The Obama administration is scrambling to assess the impact of a massive data breach involving the agency that handles security clearances and US government employee records, with suspicion quickly falling on China, which has been accused of carrying out cyber-espionage against the US in the past.
Government officials familiar with the situation told Associated Press ~~that~~ hack occurred at the Office of Personnel Management (OPM) and the Interior ~~Department~~ and could potentially affect 4 million people at every federal agency.	Government officials familiar with the situation told the Associated Press the hack occurred at the Office of Personnel Management (OPM) and the Interior Department, and could potentially affect 4 million people at every federal agency.
~~The OPM is the human resources department for the federal ~~government,~~ and ~~issues~~ security clearances.~~	The OPM is the human resources department for the federal government and does checks for security clearances.
~~“The~~ ~~FBI~~ is ~~conducting~~ an ~~investigation~~ to ~~identify~~ ~~how~~ ~~and~~ ~~why~~ ~~this~~ ~~occurred,”~~ the ~~department~~ of ~~homeland~~ ~~security~~ ~~said~~ in a ~~statement.~~ ~~“DHS~~ is ~~continuing~~ to ~~monitor~~ ~~federal~~ ~~networks~~ ~~for~~ ~~any~~ ~~suspicious~~ ~~activity~~ ~~and~~ is ~~working~~ ~~aggressively~~ ~~with~~ the ~~affected~~ ~~agencies~~ to ~~conduct~~ ~~investigative~~ ~~analysis~~ to ~~assess~~ the ~~extent~~ of ~~this~~ ~~alleged~~ ~~intrusion.”~~	A US law enforcement source told the Reuters news agency on Thursday night that a “foreign entity or government” was believed to be behind the attack. Authorities were looking into a possible Chinese connection, the news agency said, quoting a source close to the matter. Chinese officials issued swift denials.
	“The FBI is conducting an investigation to identify how and why this occurred,” the department of homeland security said in a statement on Thursday. “DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion.”
Reports in the New York Times and Washington Post on Thursday, both citing unnamed sources in the federal government, reported Chinese hackers were behind the breach.	Reports in the New York Times and Washington Post on Thursday, both citing unnamed sources in the federal government, reported Chinese hackers were behind the breach.
	The Chinese embassy in Washington responded that jumping to conclusions was “not responsible” and “counterproductive”.
	Embassy spokesman Zhu Haiquan said China had made great efforts to combat cyberattacks and that tracking such events conducted across borders was difficult.
In November, a former DHS contractor disclosed another cyber-breach that compromised the private files of more than 25,000 DHS workers and thousands of other federal employees.	In November, a former DHS contractor disclosed another cyber-breach that compromised the private files of more than 25,000 DHS workers and thousands of other federal employees.
DHS said its intrusion detection system, known as Einstein, which screens federal internet traffic to identify potential cyber threats, identified the hack of OPM’s systems and the Interior Department’s data center, which is shared by other federal agencies.	DHS said its intrusion detection system, known as Einstein, which screens federal internet traffic to identify potential cyber threats, identified the hack of OPM’s systems and the Interior Department’s data center, which is shared by other federal agencies.
“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” the statement said.	“DHS is continuing to monitor federal networks for any suspicious activity and is working aggressively with the affected agencies to conduct investigative analysis to assess the extent of this alleged intrusion,” the statement said.
Members of Congress were briefed on the breach earlier Thursday.	Members of Congress were briefed on the breach earlier Thursday.
The hack follows an attack on the Internal Revenue Service (IRS) that compromised the details of 100,000 taxpayers. On Wednesday, IRS commissioner John Koskinen appeared before a Senate committee and blamed the attack on underfunding and the agency’s inability to keep up with increasingly sophisticated threats.	The hack follows an attack on the Internal Revenue Service (IRS) that compromised the details of 100,000 taxpayers. On Wednesday, IRS commissioner John Koskinen appeared before a Senate committee and blamed the attack on underfunding and the agency’s inability to keep up with increasingly sophisticated threats.
“This incident provides a stark reminder that even security controls that may have been adequate in the past can be overcome by hackers, who are anonymous, persistent and have access to vast amounts of personal data and knowledge,” J Russell George, treasury inspector general for tax administration, told the Senate finance committee.	“This incident provides a stark reminder that even security controls that may have been adequate in the past can be overcome by hackers, who are anonymous, persistent and have access to vast amounts of personal data and knowledge,” J Russell George, treasury inspector general for tax administration, told the Senate finance committee.
Ken Ammon, chief strategy officer at Xceedium, a government security contractor that specialises in securing privileged access to systems, said: “What we are seeing across the board is a particular weakness in our defence systems.”	Ken Ammon, chief strategy officer at Xceedium, a government security contractor that specialises in securing privileged access to systems, said: “What we are seeing across the board is a particular weakness in our defence systems.”
Ammon said sophisticated hacking operations funded by nation states were targeting system administrators and gaining access to massive amounts of data. “What you want to be able to do is cut your loses, make sure the attack is isolated to that particular individual and not the terabytes of information stored on the servers.”	Ammon said sophisticated hacking operations funded by nation states were targeting system administrators and gaining access to massive amounts of data. “What you want to be able to do is cut your loses, make sure the attack is isolated to that particular individual and not the terabytes of information stored on the servers.”
The Associated Press contributed to this report	The Associated Press contributed to this report