The Washington Post

Chinese hackers may have breached the federal government’s personnel office, U.S. officials say


This story has been updated.

Hackers may have breached the Office of Personnel Management’s network, a Department of Homeland Security official confirmed Thursday.

Another U.S. official who was briefed on the investigation said the intrusion has been traced to China, although it is not clear that the Chinese government is involved.

According to the DHS official, who asked not to be identified, the agency’s National Cybersecurity and Communications Integration Center became aware of a “potential intrusion” of the network, and has been working with OPM and other agencies to assess and mitigate risks. So far, they have not found “any loss of personally identifiable information,” the official said.

The New York Times first reported Wednesday night that Chinese hackers penetrated the databases of the federal government’s personnel office, which contains files on all federal employees, including thousands who have applied for top-secret clearances.

The paper said the attack on the Office of Personnel Management occurred in March before it was detected and blocked. It quoted a “senior Department of Homeland Security official” confirming the attack, and saying that “at this time” the government had not “identified any loss of personally identifiable information.”

The Times also quoted an “unnamed senior American official” saying the attack had been traced to China, though not necessarily to the government of China.

According to the Times:

The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal information through the website.
The agencies and the contractors use the information from e-QIP to investigate the employees and ultimately determine whether they should be granted security clearances, or have them updated.

Cyber espionage — the United States against China and China against the United States — has become a source of constant tension between the U.S. and Chinese governments. Reports based on documents leaked by Edward J. Snowden revealed that the National Security Agency penetrated the computer systems of Huawei, the Chinese firm that makes computer network equipment, and operated programs to intercept conversations of Chinese officials.

In May, Attorney General Eric H. Holder Jr. announced the indictments of five Chinese People’s Liberation Army members on charges of hacking to benefit Chinese industry. They were accused of hacking into computers and stealing valuable trade secrets from leading steel, nuclear plant and solar power firms. It marked the first time that the United States has leveled such criminal charges against a foreign country.

Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared last year for the Pentagon and officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached were programs critical to U.S. missile defenses and combat aircraft and ships, according to the confidential report prepared for Pentagon leaders by the Defense Science Board.

Experts said recently that Chinese cyberspies have been systematically targeting major Washington institutions, including think tanks and law firms. Middle East experts at major U.S. think tanks were hacked by Chinese cyberspies in recent weeks as events in Iraq began to escalate, according to a cybersecurity firm that works with the institutions.

The hacking goes back years. In 2006, hackers in China broke into the State Department’s computer system in Washington and overseas in search of information, passwords and other data. The bureau that deals with China and North Korea was hit particularly hard, although the system penetrated contained unclassified information, U.S. officials said.

The Times said the attack on OPM was “notable because while hackers try to breach United States government servers nearly every day, they rarely succeed.”