A Chinese national was arrested in Los Angeles this week on charges he used a rare type of computer malware that was also deployed to access millions of sensitive U.S. records from the Office of Personnel Management.
Court papers filed against Yu Pingan do not mention the OPM, but they do suggest a connection between the two. The OPM hack is considered one of the worst-ever computer breaches of U.S. government computer systems because the hackers were able to access a huge volume of information from security clearance forms filed by federal workers and contractors.
The suspect, along with other conspirators in China, “would acquire and use malicious software tools, some of which were rare variants previously unidentified by the FBI and information security community, including a malicious software tool known as ‘Sakula,’ ’’ the criminal complaint states.
The Sakula malware has previously been linked to the OPM hack, as well as other suspected computer system penetrations in the United States.
Yu, 36, was arrested Monday night when he flew into Los Angeles International Airport, officials said.
U.S. officials have said that the Chinese government is responsible for the OPM hack, which breached major databases and exposed the sensitive information of about 22.1 million people, including not just federal employees and contractors but their families and friends.
The charges filed against Yu concern earlier alleged computer breaches of three U.S. companies. He is accused of conspiracy to commit computer hacking for those incidents, which took place from 2012 to 2014.