Cygilant Blog

Hackers Breach Office of Personnel Management

Posted by Vijay Basani on Jun 17, 2015

The Office of Personnel Management discovered that its data had been accessed by hackers from China. About 2 million former government employees and 2.1 million current federal employees had their information compromised. Chief Administrative Officer Ed Cassidy said only employees who had worked for another federal agency in the past have been compromised. The hackers targeted the OPM in particular because it holds a lot of personally identifying data about its employees. This cyber breach targeted federal employees who were applying for security clearances.


To get these security clearances, employees had to submit personal information about their finances and families. The OPM breach was discovered in April, and it was found that the cyber criminals had access to information that dated back to 1985. The hackers have access to information about retirees, including their Social Security numbers. The Department of Homeland Security says that the Interior Department was also affected by this cyber breach. This breach is the largest breach of federal employee data this year.


The OPM was also hacked back in July 2014, which is concerning for the DHS. The July breach was traced back to hackers in China, who managed to compromise e-QIP, a system that the OPM uses to grant security clearances to employees. Federal employees entered their personal information into e-QIP to get security clearances. The employees were also required to keep updating their files if they had been granted security clearance. The files that the hackers were able to access in both the 2014 and 2015 breaches held considerable personal and financial information. The DHS is concerned that hackers will use this information to figure out passwords to other sites, including sites that have information about defense systems. Knowing personal and demographic data lets hackers plan spear phishing campaigns, which has the DHS worried.


Federal agencies have struggled to get rid of cyber criminals in the past. When Russian hackers breached the State Department, the department had trouble cutting off their access to sensitive files, and the hackers managed to break into White House networks as well. Only a few weeks ago in May, it was revealed that the IRS’s website had been compromised by identity thieves. These cyber criminals did not have to hack into the IRS’s computer networks to file fraudulent tax returns. Instead, they found personal data about taxpayers and used that information to access their tax transcripts.


The second cyber breach at the OPM proves that traditional cyber security solutions like firewalls and malware protection tools are not enough to keep federal agencies safe. Federal agencies hold large amounts of sensitive, personally identifying data, which is why they need to continuously monitor their networks. EiQ SecureVue offers fast and easy event reporting and searching, and alerts Information Assurance Managers to suspicious activity. SecureVue meets audit log management mandates for 8500.2 and 800-53, and saves time by automating benchmark checks. SecureVue includes the ability to validate DISA STIG and USGCB compliance checks against switches, firewalls, applications (Oracle/SQL), RHEL, Solaris, and Windows systems. EiQ SecureVue lets federal agencies continuously monitor their networks for suspicious activity, and detects cyber threats before they have a chance to act.

Tags: Cyber Attack, Data Breach, Hacking, Federal Government
