That cyber attack on the U.S. Office of Personnel Management, revealed to the American public just a few days ago, turns out to be a mammoth violation; worse than the White House is willing to admit.
The personal information of every single federal worker, retired, current, past and present has been stolen in one of the biggest heists by hackers the U.S. has ever faced — affecting far more than the initial report of “at least four million government employees,” according to a report in the Friday edition of the New York Post.
It is believed the attack was traced back to China, according to myriad American media reports. The Obama administration has to yet to formally accuse China of the cyber security attack, however.
China has been involved in numerous industrial cyber attacks on corporations in the United States. Hackers traced to Russia have also carried out a number of cyber attacks in the U.S.
In Israel, cyber warfare has long been considered a major threat — one the Jewish State geared up to deal with by creating an entire government division devoted solely to cyber defense and cyber warfare.
The U.S. OPM breach apparently occurred in December; but it was not until April that it was discovered, and the news did not reach the public until this month.
Among the personal details stolen by the cyber thieves were the social security numbers, dates of birth and addresses, according to J. David Cox, head of the American Federation of Government Employees.
Military records, employment histories, gender, race and insurance information was also taken from the records penetrated in the U.S. Office of Personnel Management.
In a letter that Cox wrote to OPM director Katherine Archuleta, he charged the agency with not encrypting highly sensitive personal data of those who work for the government.
“We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous,” Cox said.
Personnel data files contain up to 780 pieces of information about each federal employee, according to the NY Post.
OPM has signed a $20 million deal with a private cyber security firm to provide 18 months of identity fraud protection for those who are affected.