The Obama administration recently disclosed a breach in its computers of the Office of Personal Management. It is possible that the huge data breach was successful in compromising the personal data of close to four million past and present federal employees.
According to reports, the hackers that were responsible for the act are suspected to be based in China. Apart from that, the hack also compromised personal data from the Interior Department along with OPM (The Office of Personnel Management). Although, a spokesperson from the Chinese Embassy in Washington DC has rubbished the accusations, calling them rumors of emerging social media, if confirmed, the breach would be the second major attempt by Beijing to gain access to federal data in a year.
What is even more surprising in the latest security breach at OPM and the Interior Department is that the leaks go as far back as 1985, which means that the attackers could also have information on the current occupations of past federal employees, which directly compromises their security.
Top security specialists in US have warned about critical government data being stolen for some time now, but to no avail. The recent hack has only opened another can of worms that the government now has to deal with. According to many security experts, it is unpardonable for the government to allow its systems to be breached by not having proper security protocols in place.
It is without a doubt that the information of government employees, both past and present is an important asset which should be kept secure from enemies of the state. This is why it is important for both government agencies and private companies to provide the best data level protection they can, which will mean no longer focusing on the perimeters of data security, but taking a more granular approach to data security.
A data attach of this size is nothing new either, earlier this year, the IRS reported of a similar security breach which compromised the information of around 100,000 US households. Apart from that, the recent LogJam security flaw is also evidence that the US government should tighten its control on sensitive data.
According to reports, the DHS used its intrusion detection system called EINSTEIN to identify the hack at OPM’s system along with the Interior Department, which is shared by other federal agencies. But what is not clear is that why did the EINSTEIN system detect the security breach after many of the records were removed or copied. During the investigation, reports surfaced that malware signatures of the OPM data breach leads back to the same group which was responsible for the Anthem health insurance network. At the end of the day, these very real security flaws are more than just rumors on emerging social media, and while these security vulnerabilities are unforgivable, there are certain financial constraints faced by the government which should also be considered.