By Andrea Shalal and Matt Spetalnick
WASHINGTON (Reuters) -
Data stolen from U.S. government computers by suspected Chinese hackers
included security clearance information and background checks dating
back three decades, U.S. officials said on Friday, underlining the scope
of one of the largest known cyber attacks on federal networks.
The
breach of computer systems of the Office of Personnel Management was
disclosed on Thursday by the Obama administration, which said records of
up to 4 million current and former federal employees may have been
compromised.
Accusations by U.S. government sources of a Chinese
role in the cyber attack, including possible state sponsorship, could
further strain ties between Washington and Beijing. Tensions are already
heightened over Chinese assertiveness in pursuit of territorial claims
in the South China Sea.
The hacking also raises questions about
how the United States would respond if it confirmed that the Chinese
government was behind it.
Several U.S. officials, who requested
anonymity, said the hackers were believed to have been based in China
but that it was not yet known if the Chinese government or criminal
elements were involved.
Another U.S. official said the breach was
being investigated as a matter of national security, meaning it may
have originated from a foreign government.
The cyber attack was
among the most extensive thefts of information on the federal work
force, and one U.S. defense official said it was clearly aimed at
gaining valuable information for intelligence purposes.
"This is
deep. The data goes back to 1985," a U.S. official said. "This means
that they potentially have information about retirees, and they could
know what they did after leaving government."
Access to data from
OPM's computers, such as birth dates, Social Security numbers and bank
information, could help hackers test potential passwords to other sites,
including those with information about weapons systems, the official
said.
"That could give them a huge advantage," the official said.
According
to a U.S. House of Representatives memo seen by Reuters, OPM knows what
types of data were exposed to the hackers but not what data was taken.
The memo was sent to House staff by Chief Administrative Officer Ed
Cassidy, whose office provides support services to the House, including
cyber security services.
In addition, the State Department said
in a memo to its employees that most of them had not been exposed to the
breach because their data was not housed on the hacked OPM systems.
Only those who had previously been employed by another federal agency
may have been exposed, it said.
Investigators have linked the OPM breach to earlier thefts of personal data from millions of records at Anthem Inc (N:ANTM), the second largest U.S. health insurer, and Premera Blue Cross, a healthcare services provider.
It
was the second computer break-in in less than a year at OPM, the
federal government's personnel office, and the latest in a string of
cyber attacks on U.S. agencies, some of which have been blamed on
Chinese hackers.
A Chinese Foreign Ministry spokesman said such
accusations had been frequent of late and were irresponsible. Hacking
attacks were often cross-border and hard to trace, he said.
White
House spokesman Josh Earnest said, "It's not clear who the perpetrators
are," but he noted that President Barack Obama and his aides regularly
raise with their Chinese counterparts concerns about Chinese behavior in
cyberspace.
Disclosure of the latest computer breach comes ahead
of the annual U.S.-China Strategic and Economic Dialogue scheduled for
June 22-24 in Washington, D.C. Cyber security was already expected to be
high on the agenda.
U.S. officials said the talks would proceed
as scheduled, as would Obama's plans to host Chinese President Xi
Jinping on a state visit to Washington in the fall.
U.S. LIKELY TO MOVE CAUTIOUSLY
At
Friday's White House briefing, Earnest dodged the question of whether
Washington might retaliate if it was determined that a state had been
involved in the hacking.
In December, U.S. officials moved swiftly to accuse North Korea of being behind a high-profile attack on Sony (T:6758) over a movie depicting the assassination of North Korea's leader, and Obama vowed that the United States would respond.
Some
lawmakers and defense officials want a more aggressive U.S. stance
against cyber breaches, including legislation to strengthen U.S. cyber
defenses. But the administration is likely to move cautiously in
response to any Chinese role, mindful of the potential harm from
escalating cyber warfare between the world's two biggest economies.
The
Federal Bureau of Investigation has launched a probe of the OPM attack,
and vowed that it would bring to account those responsible for the
hacking.
OPM detected new malicious activity affecting its
information systems in April and the Department of Homeland Security
(DHS) said it concluded early in May that OPM's data had been
compromised and about 4 million workers may have been affected.
Hackers
hit OPM's IT systems and its data stored at the Department of the
Interior's data center, a shared service center for federal agencies, a
DHS official said on condition of anonymity.
Chinese hackers were
also blamed for penetrating OPM's computer networks last year, The New
York Times reported last July, citing unnamed U.S. officials.
James
Lewis, a cyber security expert at the Center for Strategic and
International Studies think tank, said the administration's disclosure
of the hacking could be a signal to China of Washington's plan to push
hard on cyber issues at this month's talks.
"The Chinese
have been saying privately, and somewhat in public, that we want the
summit to go really well. 'Let's not talk about espionage. Let's talk
about how we can work together'," said Lewis, a former State Department
official. "This might be a U.S. response to that: 'No, we are going to
talk about espionage.'"
