Breach Brief: Cyberattack compromises the data of at least 4 million government workers

---

Four million current and former federal employees may have had their personal information hacked.

---

Hackers based in China breached U.S. Office of Personnel Management (OPM) computers, according to officials. One spokesperson has even described the incident as perhaps one of the largest thefts of government data ever.

What happened? According to the Washington Post, the cyber intruders accessed information that included employees’ Social Security numbers, job assignments, performance ratings and training information. No direct deposit data was exposed. Unfortunately, they could not say for certain what data was taken, simply which information had been accessed.

How many were affected? It appears that at least four million current and former federal employees could have been impacted.

When did it occur? The hackers, who are believed to have ties to the Chinese government, gained entry into the federal computer system last September. However, the breach wasn’t detected until April.

How did it happen? The hackers are said to have used a previously unknown cyber tool, called “zero-day,” to take advantage of a vulnerability in the system.

What they’re saying: “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.” An FBI spokesman has said that the agency is working with other parts of the government to investigate the matter.

In addition, cybersecurity experts have also noted that the OPM was the target of another attack a year ago that was suspected of originating in China. At that time, authorities reported that no personal information had been stolen. This latest high-profile occurrence comes amid growing concerns that even the most trusted sites and systems can be used by hackers aimed at infiltrating sensitive industries. With the number of cyber attacks on the rise and no apparent end in sight, how can you ensure that your network and its data are protected?