Chinese Hackers Break into US Federal Worker Database

Illustration shows projection of binary code on a man holding a laptop computer, in an office.

U.S. officials said hackers in China are responsible for stealing information on millions of federal government employees. It is the biggest breach of government workers information in years.

The Office of Personnel Management (OPM) said Thursday that as many as four million current and former federal employees’ files may have been affected. OPM said the numbers could be even higher.

The OPM is responsible for holding background information and issuing security clearances for millions of government employees. American law enforcement officials said they believe China-based hackers are behind the attack and may have connections to the Chinese government.

China said Friday charges of its involvement are irresponsible. Chinese Foreign Ministry spokesman Hong Lei said that Beijing hopes the U.S. would be “less suspicious and stop making any unverified allegations.” He spoke at a regular news briefing.

“We know that hacker attacks are conducted anonymously, across nations, and that it is hard to track the source,” Hong said. “It is irresponsible and unscientific to make conjectural, trumped-up allegations without deep investigation.”

Representative Adam Schiff is the top Democrat on the House Intelligence Committee. He said this attack is shocking “because Americans may expect that federal computer networks are maintained with state of the art defenses.”

Rob Pritchard is a cyber-security expert at the Royal United Services Institute. He said it would be somewhat uncommon for state-connected Chinese hackers to target U.S. government employee information.

However, OPM can be seen as a high-value hacking target. Its computers store important and sensitive information about federal employees. For example, OPM keeps social security numbers, payroll information, job descriptions, performance reviews and family information on federal workers.

Mr. Prichard said this information could be valuable to criminals who want to sell it for money, or state-sponsored hackers.

Officials would not say what type of information was read or stolen. And it is not clear whether the hackers targeted individual employees, or just gathered information to be used later.

Both the Federal Bureau of Investigation and the Department of Homeland Security are investigating. The FBI said it takes all threats to public and private organizations computer systems seriously. It said it will hold those who make such threats accountable, or responsible.

OPM said it identified the security breach in April. Then it took what it called an “aggressive effort” to put tougher controls into place. The agency will offer help to the employees whose information may have been compromised.

While this attack may be the biggest, it is not the only time hackers have gotten into U.S. government computer systems. Hackers have broken into unclassified White House and State Department computers. They also attacked the military’s U.S. Central Command Twitter and YouTube accounts.

The Internal Revenue Service, which is responsible for tax collection in the U.S., was hit last month. Hackers stole information on 100,000 taxpayers.

Large American businesses have also been attacked. For example, the Sony Pictures movie studio, Target, Home Depot, EBay, as well as JP Morgan Chase bank, all have been victims.

Some of the attacks have been blamed on North Korea, Russia and China.

Experts say China wants to get U.S. industry and trade secrets. China angrily denies the accusations, and says it has been targeted by U.S. hackers.

Last year, the U.S. charged five Chinese military officers with stealing trade secrets from the computers of several American nuclear, metal and solar companies. China denounced the charges and put on hold talks with the U.S. about fighting cyber crimes.

I’m Anne Ball

VOA’s William Gallo wrote this story. Anne Ball adapted it for Learning English. Hai Do was the editor.


Words in This Story

breachv. break into

anonymous (ly)adj. not named or identified

conjecture (al)adj. without proof

trumped-upadj. something done or created to make someone appear to be guilty of a crime

sensitive - adj. needs to be handled in a secret way to protect someone

payrolln. a list of people who work for a company and the amount of money the company pays them.