SecurityWeek

Incident Response

U.S. Says Hackers Accessed Data of 4 Million Federal Workers

U.S. Office of Personnel Management (OPM) Breach Exposes 4 Million Federal Employees

The US government warned on Thursday that hackers may have accessed the personal data of roughly four million federal employees.

On Thursday afternoon, the U.S. Office of Personnel Management (OPM) said that it identified a “cybersecurity incident” in April 2015 that potentially exposed personnel data of upwards of 4 million current and former federal employees, including personally identifiable information (PII).

As a result, OPM said it would send notifications to the millions of individuals whose PII may have been compromised in the attack.

“Within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its network,” an OPM statement said. “As a result, in April 2015, OPM detected a cyber-intrusion affecting its information technology (IT) systems and data. The intrusion predated the adoption of the tougher security controls.”

The OPM said that it is working with the US-CERT and the FBI to determine the full impact of the breach.

OPM did not publicly attribute the attack to a specific source, but some reports say Chinese hackers may be responsible.

“OPM continues to improve security for the sensitive information it manages and evaluates its IT security protocols on a continuous basis to protect sensitive data to the greatest extent possible. Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.”

OPM is offering credit report access, credit monitoring and identity theft insurance and recovery services to potentially affected individuals.

“There is a general notion that government agencies unilaterally have their act together when it comes to protecting their information assets; this is fundamentally false,” Jay Kaplan, CEO of Synack and former NSA analyst, told SecurityWeek. “Government agencies have just as much trouble protecting sensitive data as the largest corporations in the world.”

“OPM data is extremely sensitive — from an operational security perspective, the government takes the confidentiality of their employees extremely seriously,” Kaplan added. “If the reports are true, this is a massive problem that could put key government employees that wish to remain anonymous at risk. State governments are and will continue to be the most difficult threats to protect against — current defenses on unclassified networks are no match for well funded and highly motivated actors.”

In Aug. 2014, US Investigations Services (USIS), a Department of Homeland Security (DHS) contractor that conducts background checks for the agency, was the target of a cyberattack that appeared to have been launched by a state-sponsored entity.

*Updated with commentary

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
