Worst US cyber intrusion: Data of 18 million fed employees exposed

An illustration picture shows a projection of binary code on a man holding a laptop computer. Security experts point at China as the culprit in the worst ever cyber intrusion in the US.Reuters

The personal data of an estimated 18 million current and past US federal government employees may have been exposed due to a cyber intrusion believed to have been orchestrated by China, which is considered the worst ever against the US government.

Senators were informed of this estimate by Federal Bureau of Investigation (FBI) Director James Comey during a closed-door briefing over the past week on the cyber breach at the Office of Personnel Management (OPM).

OPM, however, has maintained that only 4.2 million federal employees were affected by the cyber breach. The office is still conducting an investigation on the matter.

This number, however, is expected to increase exponentially, given that the hackers were able to access a database which contains private data on the federal employees' family members and close associates.

How exactly did this massive cyber breach take place? Investigators looking into the incident found out that the hackers used security credentials from one of OPM's contractors, KeyPoint Government Solutions, to access these personal data.

OPM officials led by Katherine Archuleta drew criticism from members of Congress for their supposed failure to prevent the intrusion by immediately blocking access from KeyPoint. They face multiple congressional probes on the cyber intrusion in the coming weeks.

"I wish that you were as strenuous and hardworking at keeping information out of the hands of hacker as are at keeping information out of the hands of Congress," Massachusetts Rep. Stephen Lynch told Archuleta during a hearing last week.

Adding to the frustration among lawmakers is the recent revelation from Michael Esser, OPM's assistant inspector general for audits, that their office's key databases do not meet federal security standards.

"Several of these systems are among the most critical and sensitive applications owned by the agency," Esser said in his testimony before the House Oversight and Government Affairs Committee last week

On the possible motive by China, security experts said the Chinese may be trying to boost their capacity to spy on the US government, noting that what was stolen from the OPM included details on who has access to America's secrets.

The US Navy's former top cybersecurity commander, retired Captain Mike Walls, said he expects Chinese spies to use the information to better target specific American employees.

"This is an intelligence play which will inform the Chinese as they conduct future cyberattacks," he said.

Jason Polancich, a former intelligence analyst for the US government, said the hackers maybe "collecting intelligence on employees, their roles, projects they work on, access levels" among other vulnerabilities. China could then try to turn these employees into spies with bribes or blackmail, he said.