Office of Personnel Management data breach information
Cyberattack stealing 20 million federal personnel records
The Office of Personnel Management data breach was a 2015 data breach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained by the United States Office of Personnel Management (OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an advanced persistent threat based in China, widely believed to be the Jiangsu State Security Department, a subsidiary of the Government of China's Ministry of State Security spy agency.
In June 2015, OPM announced that it had been the target of a data breach targeting personnel records.[1] Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family.[2][3] One of the largest breaches of government data in U.S. history,[1] information that was obtained and exfiltrated in the breach[4] included personally identifiable information such as Social Security numbers,[5] as well as names, dates and places of birth, and addresses.[6] State-sponsored hackers working on behalf of the Chinese government carried out the attack.[4][7]
The data breach consisted of two separate, but linked, attacks.[8] It is unclear when the first attack occurred but the second attack happened on May 7, 2014, when attackers posed as an employee of KeyPoint Government Solutions, a subcontracting company. The first attack was discovered March 20, 2014, but the second attack was not discovered until April 15, 2015.[8] In the aftermath of the event, Katherine Archuleta, the director of OPM, and the CIO, Donna Seymour, resigned.[9]
^ abBarrett, Devlin (5 June 2015). "U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say". Wall Street Journal. Retrieved 5 June 2015.
^Zengerle, Patricia; Cassella, Megan (2015-07-09). "Estimate of Americans hit by government personnel data hack skyrockets". Reuters. Retrieved 2015-07-09.
^Nakashima, Ellen (9 July 2015). "Hacks of OPM databases compromised 22.1 million people, federal authorities say". The Washington Post. Retrieved 19 July 2020.
^ abFruhlinger, Josh (2020-02-12). "The OPM hack explained: Bad security practices meet China's Captain America". CSO Online. Retrieved 2023-05-29.
^Risen, Tom (5 June 2015). "China Suspected in Theft of Federal Employee Records". U.S. News & World Report. Retrieved 5 June 2015.
^Cite error: The named reference npr was invoked but never defined (see the help page).
^Garrett M. Graff, China's Hacking Spree Will Have a Decades-Long Fallout, Wired (February 11, 2020).
^ abCite error: The named reference :0 was invoked but never defined (see the help page).
^Boyd, Aaron (2017-08-08). "OPM CIO Seymour resigns days before Oversight hearing". Federal Times. Retrieved 2017-12-04.
and 30 Related for: Office of Personnel Management data breach information
The OfficeofPersonnelManagementdatabreach was a 2015 databreach targeting Standard Form 86 (SF-86) U.S. government security clearance records retained...
2015, the OfficeofPersonnelManagement discovered it had been hacked more than a year earlier in a databreach, resulting in the theft of approximately...
A databreach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information". Attackers have a variety of motives...
This is a list of reports about databreaches, using data compiled from various sources, including press reports, government news releases, and mainstream...
agencies, such as the 2009 Operation Aurora and the 2015 OfficeofPersonnelManagementdatabreach. U.S. law enforcement officials have identified China...
The Equifax databreach occurred between May and July 2017 at the American credit bureau Equifax. Private records of 147.9 million Americans along with...
the United States OfficeofPersonnelManagement (OPM) announced that it had been the target of a databreach targeting the records of as many as four million...
The 2018 SingHealth databreach was a databreach incident initiated by unidentified state actors, which happened between 27 June and 4 July 2018. During...
possibly breaching ethical and legal boundaries by encouraging its polygraph examiners to extract personal and private information from DoD personnel during...
known as Heodo, was first detected in 2014 and deemed one of the most prevalent threats of the decade. In 2021, the servers used for Emotet were disrupted...
article cites the OfficeofPersonnelManagementdatabreach, the Anthem medical databreach, and a Marriott International databreach as examples. Sources...
hearing of the House Committee on Oversight and Government Reform in the wake of the revelation of the OfficeofPersonnelManagementdatabreach. Republican...
The second season of late-night talk and news satire television program Last Week Tonight with John Oliver originally aired between February 8, 2015, and...
post office business) came under the managementof the Shareholder Executive, which in 2016 was merged into UK Government Investments. Key personnel who...
event management (SIEM) is a field within the field of computer security, where software products and services combine security information management (SIM)...
defenses against foreign cyber-attacks. Following the OfficeofPersonnelManagementdatabreach, he wrote that federal cybersecurity was woefully inadequate...
that simulates hacker breach methods, running continuous "war games" to identify breach scenarios across network systems. SafeBreach is a pioneer in the...
breaches in systems that should have been subject to regular FISMA reviews, for example the 2014 and 2015 OfficeofPersonnelManagementdatabreach.[citation...
an anti-hacking plan within 90 days of taking office. Referring to the OfficeofPersonnelManagementdatabreach in 2015, Trump said he was under a "political...
Union. In 2016, GTRI was renamed the Officeof Materials Management and Minimization, and continues the efforts of supporting reactor conversions, fuel...
records of millions of Verizon customers daily". The Guardian. Retrieved 22 June 2016. "Millions more Americans hit by government personneldata hack"....
comprehensive data protection laws. Major security breaches at Equifax, Target, Yahoo, Home Depot, and the United States OfficeofPersonnelManagement impacted...
and for this reason, a data center has to offer a secure environment that minimizes the chances of a security breach. A data center must, therefore,...