A new massive data breach has been confirmed, and this time it’s not a major financial institution or retail chain hit by hackers. Instead, it’s the U.S. government’s HR department, where hackers successfully stole personal data for at least 4 million federal workers.
The Department of Homeland Security confirmed the hack on Thursday, The Associated Press reports, and it said that the data compromised belongs to the Office of Personnel Management (OPM) and the Interior Department.
Senator Susan Collins, member of the Senate intelligence committee, believes China is behind the attack. A spokesman for the Chinese Embassy in Washington denied the allegations. A similar attack targeted the OPM a year ago, with China being the main suspect. Hackers were not able to breach security at the time.
The breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances,” Collins said.
The stolen data could potentially affect the data of every federal agency. Former government employees are also affected, because the OPM is the HR department for the government, responsible with background checks for security clearances.
The agency will offer credit monitoring and identity theft insurance for 18 months, AP says.
Strangely, the DHS’s EINSTEIN security system that’s supposed to detect such breaches failed, or at least in part. The system found the breach but after data was already stolen from the servers.