Skip to main content
Advertising

Originally published July 9, 2014 at 9:15 PM | Page modified July 10, 2014 at 6:00 AM

  • Share:
             
  • Comments
  • Print

Chinese hackers tapped personal federal-employee records

The hackers appeared to be targeting the files of tens of thousands of employees who have applied for top-secret security clearances as contained in the databases of the Office of Personnel Management.


The New York Times

Reader Comments
Hide / Show comments
Romney talked about this in the debates and also how China manipulates their currency to hurt America. Obama's... MORE
And we keep dealing with a country that funds hackers like this. Unlike the the west, in China hackers funded by the... MORE
@ssmagoo I bet Romney helped or is part of sending jobs to China.Remember he is first a bottom line business person... MORE

advertising

WASHINGTON — Chinese hackers in March broke into the computer networks of the U.S. government agency that houses the personal information of all federal employees, according to senior U.S. officials. They appeared to be targeting the files of tens of thousands of employees who have applied for top-secret security clearances.

The hackers gained access to some of the databases of the Office of Personnel Management before federal authorities detected the threat and blocked them from the network, according to the officials. It is not clear how far the hackers penetrated the agency’s systems, in which applicants for security clearances list their foreign contacts, their previous jobs and personal information, such as past drug use.

A senior Department of Homeland Security official confirmed the attack had occurred but said that “at this time” the personnel agency and the Department of Homeland Security “have not identified any loss of personally identifiable information.” The official said an emergency-response team was assigned “to assess and mitigate any risks identified.”

One senior U.S. official said the attack was traced to China, although it was not clear if the hackers were part of the government. Its disclosure comes as a delegation of senior U.S. officials, led by Secretary of State John Kerry, is in Beijing for the annual Strategic and Economic Dialogue, the leading forum for discussion between the United States and China on their commercial relationships and their efforts to work together on economic and defense issues.

Computer intrusions have been a major source of discussion and disagreement between the countries, and the Chinese can point to evidence, revealed by fugitive Edward Snowden, that the National Security Agency (NSA) went deep into the computer systems of Huawei, a major Chinese maker of computer-network equipment, and ran many programs to intercept the conversations of Chinese leaders and the military.

U.S. officials say the attack on the Office of Personnel Management was notable because while hackers try to breach U.S. government servers nearly every day, they rarely succeed. One of the last attacks the government acknowledged occurred last year at the Department of Energy. In that case, hackers successfully made off with employee and contractors’ personal data. The agency was forced to reveal the attack because state disclosure laws force entities to report breaches in cases where personally identifiable information is compromised. Government agencies do not have to disclose breaches in which sensitive government secrets, but no personally identifiable information, have been stolen.

A month ago, the Justice Department indicted a group of Chinese hackers who work for the People’s Liberation Army (PLA) Unit 61398 and charged group members with stealing corporate secrets. The same unit and others linked to the PLA have been accused in the past of intrusions into U.S. government computer systems, including in the office of the secretary of defense.

But private security researchers say the indictments have not deterred the PLA from hacking foreign targets.

The indictments have been criticized as long on symbolism and short on punishment: There is very little chance that the Chinese military members would ever see the inside of a U.S. courtroom, even if the FBI has put their pictures on wanted posters.

“I think that it was speaking loudly and carrying a small stick,” said Dennis Blair, the former director of national intelligence during President Obama’s first term, who was the co-author of a report last year urging that the United States create a series of financial disincentives for computer theft and attacks, including halting some forms of imports and blocking access to U.S. financial markets.

Not long after several members of Unit 61398 were indicted, security researchers were able to pin hundreds more cyberattacks at U.S. and European space and satellite technology companies and research groups on a second Shanghai-based Chinese military unit, known as Unit 61486. Researchers say that even after Americans indicted their counterparts in Unit 61398, members of Unit 61486 have shown no signs of scaling back.

The same proved true for the dozen other Chinese military and naval units that U.S. officials have been tracking as they break into an ever more concerning list of corporate targets, including drone, missile and nuclear-propulsion-technology makers.

The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update personal information through the website.

The agencies and the contractors use the information from e-QIP to investigate the employees and ultimately determine whether they should be granted security clearances or have them updated.

A representative of the Office of Personnel Management said that monitoring systems at the Department of Homeland Security and the agency office allowed them to be “alerted to a potential intrusion of our network in mid-March.”



Want unlimited access to seattletimes.com? Subscribe now!

News where, when and how you want it

Email Icon


Advertising
The Seattle Times

The door is closed, but it's not locked.

Take a minute to subscribe and continue to enjoy The Seattle Times for as little as 99 cents a week.

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Subscriber login ►
The Seattle Times

To keep reading, you need a subscription upgrade.

We hope you have enjoyed your complimentary access. For unlimited seattletimes.com access, please upgrade your digital subscription.

Call customer service at 1.800.542.0820 for assistance with your upgrade or questions about your subscriber status.

The Seattle Times

To keep reading, you need a subscription.

We hope you have enjoyed your complimentary access. Subscribe now for unlimited access!

Subscription options ►

Already a subscriber?

We've got good news for you. Unlimited seattletimes.com content access is included with most subscriptions.

Activate Subscriber Account ►