U.S. hacking: Military and intelligence data ‘accessed’ in second attack

The hacking of millions of U.S. government employees is likely part of an effort by Chinese intelligence for long-term profiling - and possibly more nefarious things. Security analysts say considerable evidence points to China, and that the cyber-intrusion shows the long and patient efforts in Beijing to collect and compile data which may be useful in the future. Reports last week indicated some four million current or former government employees were hit, but a union letter said many more - every federal employee, every federal retiree, and up to one million former federal employees - could also have had personal data compromised. Officials have now given details of a potential second breach.

If you think about what you can do from the perspective of espionage instead of fraud, that data is incredibly valuable. If you want to target someone, this data can be used to conduct spearphishing, it can be used for blackmail.

Ryan Kazanciyan, chief security architect at a California-based security firm

The attack targeting the US Office of Personnel Management could be connected to other data breaches even though they may not seem similar on the surface, say analysts. In recent months, breaches affecting tens of millions of Americans have been reported at health insurance firms such as Anthem and CareFirst, members of the Blue Cross Blue Shield Association - which cover many federal government employees. Anup Ghosh, founder and chief executive of the security firm Invincea, said the incidents suggest a long-term plan “building dossiers on targets of interest." Combining the data in personnel records with detailed health information provides "very personal and private information,” Ghosh said. "This has people’s vulnerabilities. It gives (foreign agents) leverage.“

Technology US hack