Category: breach

Jun 21 2015

“EPIC” fail—how OPM hackers tapped the mother lode of espionage data

Government officials have been vague in their testimony about the data breaches—there was apparently more than one—at the Office of Personnel Management. But on Thursday, officials from OPM, the Department of Homeland Security, and the Department of the Interior revealed new information that indicates at least two separate systems were compromised by attackers within OPM's and Interior's networks. The first was the Electronic Official Personnel Folder (eOPF) system, an entity hosted for OPM at the Department of the Interior's shared service data center. The second was the central database behind EPIC, the suite of software used by OPM's Federal Investigative Service in order to collect data for government employee and contractor background investigations.

OPM has not yet revealed the full extent of the data exposed by the attack, but initial actions by the agency in response to the breaches indicate information on as many as 3.2 million federal employees (both current federal employees and retirees) was exposed. However, new estimates in light of this week's revelations have soared, estimating as many as 14 million people in and outside government will be affected by the breach—including uniformed military and intelligence personnel. It is, essentially, the biggest "doxxing" in history. And if true, personal details from nearly everyone who works for the government in some capacity may now be in the hands of a foreign government. This fallout is the culmination of years of issues such as reliance on outdated software and contracting large swaths of security work elsewhere (including China).

The OPM breaches themselves are cause for major concerns, but there are signs that these are not isolated incidents. "We see supporting evidence that these attacks are related to the group that launched the attack on Anthem [the large health insurer breached earlier this year]," said Tom Parker, chief technology officer of the information security company FusionX. "And there was a breach at United Airlines that's potentially correlated as well." When pulled together into an analytical database, the information could essentially become a LinkedIn for spies, providing a foreign intelligence organization with a way to find individuals with the right job titles, the right connections, and traits that might make them more susceptible to recruitment or compromise.


Jun 04 2015

Federal agency hit by Chinese hackers, around 4 million employees affected

The Office of Personnel Management, the government agency that manages federal employees, announced Thursday that its network was breached in December 2014, potentially compromising the personal records of approximately 4 million former and current employees.

The Washington Post, citing unnamed government officials, reported that the attack originated from “Chinese hackers,” and was the “second major intrusion of the agency by China in less than a year.”

As the agency wrote in a statement:


Apr 12 2015

Hacked French TV network admits “blunder” that exposed YouTube password

The head of the French TV network that suspended broadcasting following last week's hack attack has confirmed the service exposed its own passwords during a TV interview, but said the gaffe came only after the breach.

"We don't hide the fact that this is a blunder," the channel's director general, Yves Bigot, told the AFP news service.

The exposure came during an interview a rival TV service broadcast on the TV5Monde attack. During the questioning, a TV5Monde journalist sat in front of several scraps of paper hanging on a window. One of them showed the password for the network's YouTube account. As Ars reported last week, the pass code was "lemotdepassedeyoutube," which translates in English to "the password of YouTube."


Feb 05 2015

String of big data breaches continues with hack on health insurer Anthem

Over the past 18 months, hackers have struck again and again, with incursions on Target, Staples, JPMorgan Chase, and Sony Pictures, as well as a raft of smaller companies. Now, one of the largest US health insurers, Anthem, says it suffered a breach that exposed Social Security Numbers and other personal information for tens of millions of people, including its CEO.

In all, Anthem said the compromised database included 80 million records related to current and former customers and employees. The intruders accessed names, Social Security numbers, birthdays, addresses, e-mail, income data and other employment information. At this early stage, company officials don't think credit card details and medical information such as insurance claims and test results were taken. Company officials have hired security firm Mandiant to determine how the hackers got in and what information they accessed. The FBI is also investigating.

Anthem operates under a variety of health insurance brands, including Anthem Blue Cross, Anthem Blue Cross and Blue Shield, Blue Cross and Blue Shield of Georgia, and Empire Blue Cross and Blue Shield. The breach was discovered on January 29. The company plans to notify affected customers and employees in the coming weeks. It has also published this list of frequently asked questions and this statement from CEO and President Joseph R. Swedish apologizing for the data theft.
