Federal officials said new tools allowed them to discover a massive breach of government-employee data by hackers suspected of working for the Chinese state. We would imagine that achievement will not inspire much gratitude among the millions whose personal data were violated. No doubt they, as well as U.S. taxpayers, are wondering why their government seems so incapable of protecting sensitive information from cyberattacks.
Federal officials said new tools allowed them to discover a massive breach of government-employee data by hackers suspected of working for the Chinese state. We would imagine that achievement will not inspire much gratitude among the millions whose personal data were violated. No doubt they, as well as U.S. taxpayers, are wondering why their government seems so incapable of protecting sensitive information from cyberattacks.
The Obama administration disclosed Thursday that the computer system of the Office of Personnel Management, which handles federal employee records and security clearances, had been hacked. The breach, affecting about 4 million current and former government workers, was detected in April but appears to have dated back to December. The hackers, apparently targeting Social Security numbers and other personal identifying information, have been linked by cybersecurity experts to thefts of similar personal data from two major U.S. health-care firms. Administration officials did not publicly identify the attackers, but The Post’s Ellen Nakashima quoted sources identifying the hackers as state-sponsored. The Chinese foreign ministry dismissed the claims as jumping to conclusions.
What’s so disconcerting about the breach — other than its massive scale and possible value to Chinese espionage, of course — is that it is just one in a series of intrusions into vital computer systems of the U.S. government. The White House and the State Department last year discovered their email systems had been compromised in an attack linked to Russian hackers. The OPM was the target of a smaller attack last year. Last week, the Internal Revenue Service said identity thieves had illegally obtained tax information on more than 100,000 households.
High-profile cyberattacks on such private companies as Sony Pictures Entertainment and Target prompted the White House to push the private sector to improve protections of its computer networks and share information on best methods. So there’s an unfortunate irony in the vulnerability of federal computer networks, which, as Rep. Adam Schiff, D-Calif., noted, Americans expect to be “maintained with state-of-the-art defenses.”
Measures taken so far are clearly insufficient. We hope the breach at the OPM — among the largest thefts ever of government data — awakens the administration and Congress to the need for a robust strategy that puts safeguards in place and promises consequences for the people and countries who try to violate them.
— Washington Post