U.S. authorities are investigating how suspected Chinese hackers were able to manipulate the federal government’s intrusion detection system — known as EINSTEIN — to get access to the Office of Personnel Management, the government’s human resources department. The system was able to identify the hack, but only after thousands of files were compromised; investigators want to know what failed. Federal agencies are now rushing to install two-factor authentication with smart cards, a system designed to make it harder for intruders to access networks. But implementing that technology takes time. Meantime, data on millions of federal employees could be at risk.
[The breach was] yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances.
Sen. Susan Collins, R-Maine, and Senate Intelligence Committee member
The security breach could potentially affect every federal agency. In the aftermath, a key question is whether intelligence agency employee information was stolen. Former government employees are affected as well, authorities say. In November, a former DHS contractor disclosed another cyberbreach that compromised the private files of more than 25,000 Department of Homeland Security workers and thousands of other federal employees. Cybersecurity experts also noted that the Office of Personnel Management was targeted a year ago in a cyberattack that was suspected of originating in China. In that case, authorities reported no personal information was stolen.
Americans may expect that federal computer networks are maintained with state-of-the-art defenses.
U.S. Rep. Adam Schiff, D-Calif., House Permanent Select Committee on Intelligence