Hackers struck US government computers and possibly compromised the personal data of 4 million current and former federal employees. Investigators are now probing whether the culprits were based in China, US officials said yesterday.
According to cyber investigators, the breach appeared to be similar to earlier thefts of healthcare records from Anthem Inc, the second largest US health insurer, and Premera Blue Cross, a healthcare services provider.
In what comes as the latest in a string of intrusions into US agencies' high-tech systems, the Office of Personnel Management (OPM), which handles employee records and security clearances, saw one of the largest breaches of information ever on government workers.
According to a US law enforcement source who spoke to Reuters, a "foreign entity or government" was believed to be behind the cyber attack.
A possible Chinese connection is being probed.
According to the FBI, it was conducting an investigation and would bring to account those responsible.
The cyber attack on Anthem in February was being investigated by several US states and according to a person familiar with the matter, it was being examined for possible links to China (See: Hackers strike US health insurance giant Anthem; steal millions of personal data).
Meanwhile, the Office of Personnel Management, which was conducting background checks, warned it was urging potential victims to monitor their financial statements and get new credit reports.
Though the breach was earlier said to have affected the Office of Personnel Management and the Department of Interior, according to government officials however, nearly every federal government agency was hit by the hackers.
Meanwhile, as assessment continued, the number of government employees possibly affected might number millions it was feared.
Investigators said the attacks could be traced the breach to the Chinese government. Hackers working for the Chinese military were believed to be compiling a massive database of US citizens, intelligence officials told CNN on last night.
The purpose of the database, however, was not clear.
Washington Post and The Wall Street Journal first reported on Thursday that Chinese hackers were responsible for the breach.
A spokesman from the Chinese Embassy in Washington objected late yesterday to allegations of the involvement of Chinese government in the massive hack.
"Cyberattacks conducted across countries are hard to track, and therefore the source of attacks is difficult to identify. Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive," said Zhu Haiquan, press counselor and spokesperson for the Chinese Embassy in San Francisco.