Why Did Chinese Hackers Steal Data From 4 Million Federal Employees?

By
Image

Chinese hackers have stolen the personal data of at least 4 million current and former government workers in one of the largest breaches of a U.S. government computer network ever. U.S. officials said that hackers targeted the Office of Personnel Management, which functions as the federal government’s human resources department, in December, and according to the Washington Post the breach was not detected until April. The stolen information included employees’ names, addresses, performance ratings, and Social Security numbers. “Certainly, OPM is a high-value target,” OPM chief information officer Donna Seymour told the Post. “We have a lot of information about people, and that is something that our adversaries want.”

The U.S. and China have been squabbling over cybersecurity for years, and U.S. officials have accused the Chinese of trying to steal intellectual property from various major U.S. corporations. In March 2014 Chinese hackers broke into OPM’s computer network in an apparent attempt to steal files on employees who applied for top-secret security clearances. Within the last year, two OPM contractors were breached as well, and Russia allegedly hacked the White House and State Department’s email systems.

Officials said the database targeted in the latest hack did not contain information on employees seeking security clearances, but every federal agency may be affected. The FBI is still investigating the breach, and employees whose data has been compromised will be offered free credit monitoring. Congressman Adam Schiff, ranking Democrat on the House intelligence committee, said the hack is “shocking, because Americans may expect that federal computer networks are maintained with state-of-the-art defenses.”

For now, the extent of what was taken, the group behind the hack, and why it was stolen remain unclear. While most federal officials agree that the hackers appear to be Chinese, they have not determined if the attack was state-sponsored. Ken Ammon, chief strategy officer of Xceedium, told the AP that the latest hack looks like espionage carried out by a foreign government, and the stolen information could be used to impersonate or blackmail federal employees to obtain sensitive data. “This is an attack against the nation,” he said.

The stolen data could also be used for online fraud or identity theft, and former National Security Council staffer Rob Knake told Politico that it’s more likely the information was stolen by a criminal group. “It’s of very limited value within the intelligence community,” he said. “It doesn’t make sense to me that a state intelligence agency would want to deploy resources to get the Social Security number of clerks at the Commerce Department.” The information has yet to show up on the black market, and another federal official told Politico, “It could be that some underworld actors are being contracted by [a] government actor.”

When accused of hacking in the past, China has claimed that it’s a fellow victim of cybersecurity breaches. For what it’s worth, a spokesman for the Chinese Embassy in Washington called the latest accusations “not responsible and counterproductive.” “Cyberattacks conducted across countries are hard to track and therefore the source of attacks is difficult to identify,” said Zhu Haiquan, adding that hacking can “only be addressed by international cooperation based on mutual trust and mutual respect.”