The US government agency that collects personnel information for federal employees has said that a cybersecurity breach had compromised the data of up to four million people.
The Federal Bureau of Investigation said on Thursday that it has launched a probe and would hold the culprits accountable, Reuters reported.
We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace
“The FBI is working with our interagency partners to investigate this matter,” the bureau said in a statement.
“We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”
The Office of Personnel Management (OPM) detected new malicious activity affecting its information systems in April and the Department of Homeland Security said it concluded at the beginning of May that the agency’s data had been compromised. The office handles employee records and security clearances.
“This would likely be the largest theft of US government data in the history of the United States,” Patty Culhane, Al Jazeera’s White House correspondent reporting from Washington, said.
“Basically, OPM is like the human resources department of the entire federal government. They also get security background checks for people who want to get security clearances,” she said.
“The big question remains exactly what information was stolen? Was it social security number, your federal ID or was it salary information. Right now OPM is not saying.”
A US law enforcement source told Reuters a “foreign entity or government” was believed to be behind the cyberattack. Authorities were looking into a possible Chinese connection, a source close to the matter said.
A Chinese embassy spokesman in Washington said hypothetical accusations were irresponsible and counterproductive.
“Jumping to conclusions and making [a] hypothetical accusation is not responsible,” and is “counterproductive”, Chinese embassy spokesman Zhu Haiquan said in emailed comments.
The OPM had previously been the victim of a cyberattack, as have various federal government computer systems at the state department, the US Postal Service and the White House.
Since the intrusion, OPM said it had implemented additional security precautions for its networks. It said it would notify the 4 million people affected and offer credit monitoring and identity theft services to the people affected.
“The last few months have seen a series of massive data breaches that have affected millions of Americans,” US Representative Adam Schiff, the ranking Democrat on the House Permanent Select Committee on Intelligence, said in a statement.
But he called the latest intrusion “among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defences”.
It is thought that the ramifications of the data breach could potentially affect every federal agency.