Late Thursday, the Department of Homeland Security said that hackers had infiltrated the servers at the federal Office of Personnel Management and the Interior Department, potentially giving them access to personal data of up to four million current and former federal employees. U.S. officials, including Senate Intelligence Committee Chairwoman Susan Collins (R-Maine), said the breach appears to have come from China.
It's not clear whether the cyberattack was for financial crimes or espionage — OPM does most federal security background checks — or whether the Chinese government was involved, but China's U.S. embassy called the finger-pointing "not responsible and counterproductive." Cross-border cyberattacks "are hard to track and therefore the source of attacks is difficult to identify," said embassy spokesman Zhu Haiquan, adding to Reuters that "jumping to conclusions and making [a] hypothetical accusation is not responsible."
The massive breach apparently started late last year and was detected in April, according to DHS, but the scope wasn't clear until late May. The attack was conducted before OPM instituted new network security measures, but the failure to detect it earlier troubled lawmakers and experts. The federal government is offering credit monitoring to the affected employees. It was the third major foreign breach of sensitive federal computer networks in the past year.