U.S. officials confirmed Thursday that hackers may have breached an Office of Personnel Management’s network that contains personal information about federal employees.
Details of the impacts of the attack are sparse at this time, but cybersecurity experts said the incident could have compromised an OPM program for processing security-clearance applications. The system contains sensitive data that ranges from financial and travel histories to the names of applicants’ children, relatives, neighbors and close friends.
A Department of Homeland Security official told The Washington Post that agencies have not yet found “any loss of personally identifiable information.”
Data breaches occur somewhat regularly within the federal government, as Federal Diary columnist Joe Davidson pointed out in a recent column. An April report from the Government Accountability Office noted that 25,566 information-security incidents occurred last year, more than double the number from 2009.
Below is a brief history of major cyber-security problems that agencies experienced dating back to the latter part of President George W. Bush’s second term.
- Department of Energy: Hackers stole sensitive personal information, including Social Security and bank account numbers, for more than 104,000 individuals in a Department of Energy network.
- Justice Department: A hacker group known as Anonymous stole and published 1.7 gigabytes of data from the agency. The data included internal e-mails that may have contained information about crimes, criminals and crime victims.
- NASA: A NASA laptop was stolen, exposing personal information — including names, Social Security numbers, and dates of birth, — for thousands of agency employees.
- Thrift Savings Plan: Hackers gained access to information from about 123,000 participants in the Thrift Savings Plan, a 401 (k)-style program for federal workers, using a sophisticated cyber attack.
- Federal Aviation Administration: The FAA notified employees about the breach of an agency computer containing data on tens of thousands of employees and retirees.
- Army: A security breach exposed information on about 1,000 patients at Walter Reed Army Medical Center, compromising Social Security numbers, names and birth dates, but not medical records.
- Census Bureau: The agency inadvertently posted the Social Security numbers of 63,000 individuals who receive financial assistance, including farm subsidies, from the federal government.
- State Department and Commerce Department: Chinese hackers breached federal networks at the State Department and Commerce Department.
- Department of Veterans Affairs: The VA reported the theft of computer equipment that contained sensitive personal information for nearly 27 million former troops and active-duty military personnel.