The Obama administration announced on Thursday that personal information of up to 4 million current and former employees of the United States government have been swiped by China in a hack attack.
According to David Jackson and Kevin Johnson of USA Today, the Office of Personnel Management, which conducts background checks for security clearances, has plans to notify affected employees and offer "credit report access, credit monitoring and identity theft insurance and recovery services." Unconfirmed reports indicated that security clearance forms were also taken in the breach.
"It's not only the information in the security clearances, it's also the references," cybersecurity expert Rick Holland of Forrester Research said.
Holland added that the breach could be far-reaching, given that the clearance process requires multiple personal and professional references.
"Perhaps the loss is more than just 4 million federal employees," Holland said. "It's kind of a seven degrees of Kevin Bacon."
According to USA Today, OPM plans to tell affected individuals to "monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions."
"You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name," OPM said.
According to Kevin Liptak and Theodore Schleifer of CNN, U.S. officials believe this could be the biggest breach ever of the government's computer networks. Nearly every federal government agency has been affected.
"American investigators believe they can trace the breach to the Chinese government," Liptak and Schleifer wrote, citing intelligence officials. "Hackers working for the Chinese military are believed to be compiling a massive database of Americans."
CNN reported that the OPM learned of the breach in April 2015. The FBI is leading the investigation on what caused the breach in the first place.
"We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace," the FBI said in a statement.
Sen. Ron Johnson, R-Wis., called the latest breach "disturbing," adding that OPM should do a better job securing its information. He is the chairman of the Senate Homeland Security and Governmental Affairs according to CNN.
"It is disturbing to learn that hackers could have sensitive personal information on a huge number of current and former federal employees -- and, if media reports are correct, that information could be in the hands of China," Johnson said in a statement. "(The office) says it 'has undertaken an aggressive effort to update its cybersecurity posture.' Plainly, it must do a better job, especially given the sensitive nature of the information it holds."
Rep. Adam Schiff, D-Calif., thought it was the worst data breach to date, given the scale of people affected.
"It's shocking because Americans may expect that federal computer networks are maintained with state-of-the-art defenses," Schiff said.
