A phishing campaign is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015.
OPM data breach ‘not state-sponsored’ says China
A major data breach at the OPM in June was the result of cybercriminal activity that had nothing to do with state-sponsored cybercrime, China has disclosed.
The post OPM data breach ‘not state-sponsored’ says China appeared first on We Live Security.
Office of Personal Management Hacked – US Government Downplays the Event
The second admission followed a week later. The Office of Personnel Management (OPM) announced that on June 4, a hack attack on governmental staff had succeeded, with four million people affected. It now appears that an additional 18 million records were stolen. The government communicated this as two separate events in an apparent attempt to downplay the scale.
So what happened in the alleged second hack? The figure of 18 million compromised Social Security numbers is “preliminary, unverified, approximate”, according to a letter from the Director of OPM, Katherine Archuleta. The number, 18 million, affects people working for a federal agency or who applied for funding. The data, according to US government circles, may be in the hands of spies from the People’s Republic of China. This has been flatly denied by Chinese officials.
Mrs. Archuleta was called to testify before a Congressional committee, where she said that encryption is not always possible due to the age of facilities. She argued, however, that even encryption would not have sufficed, because the hackers would then have copied keys and passwords.
An article from the Wall Street Journal mentions that the government described the attack as happening in two waves in order to downplay the severity. In addition, the OPM had denied the disclosure of sensitive information twice, even though the FBI had informed the OPM on June 5 about the attack…
The post Office of Personal Management Hacked – US Government Downplays the Event appeared first on Avira Blog.
Threatpost News Wrap, June 26, 2015
Dennis Fisher and Mike Mimoso talk about the Cisco default SSH keys, more details of the OPM data breach, the Adobe 0-day and why we never hear about bad APT groups, only the really good ones.
Personal data is becoming a primary target at every level
I recently published a blog about the data breach at the Office of Personnel Management (OPM) and the Interior Department, which is being blamed on China.
In the last week, there have been a number of experts giving more detail on the depth of the stolen data. The concern is about Standard Form 86 which is used to collect data on potential federal employees applying for positions in National Security.
As you can imagine, this form probes into areas of someone’s background, family and friends that not even those close to the person may know. There are 127 pages of the form and the collection of information includes citizenship, passport, residence, schools, military service, employment, financial records, alcohol and drug use, criminal records, psychological and emotional health, groups the person may have been associated with, foreign travel, and associates including relatives and friends.
The data is extremely valuable to any foreign government or intelligence agency; knowing your enemy in this much detail is a definite advantage. Some observers are suggesting that the data may even be used to blackmail people. While there is of course this possibility, I doubt anyone who successfully got a position in the NSA would be susceptible to blackmail…
However, there is the risk of an unsuccessful applicant being blackmailed with the data on their Standard Form 86. Naturally, this is bad news for them and they need protection as they are not in positions of national security.
Any breach that affects the people responsible for our security is extremely serious and there needs to be a robust plan to assist current and past employees, and even those who simply filled out the form.
Personal data is becoming the primary target for many cyber criminals, foreign powers and governments and the holders of the data need to take precautions to secure it. We are all potential victims of data theft and it’s our responsibility to understand the dangers of handing over our data.
While in this case there is no alternative for national security employees, in many of the data breach cases recently there are ways that we can limit our exposure by sharing less.
OPM: Are Personnel Records of All Fed Workers Exposed?
Two weeks ago OPM, the US Office of Personnel Management, got hacked and the information of 4 million federal government workers was exposed. This is, of course, horrible. But it’s not all: On Friday we learned that the issue at hand was huge and much bigger than everyone believed at first.
As can be read in a letter to OPM Director Karen Archuletta, David Cox, the president of the American Federation of Government Employees, believes that “based on the sketchy information OPM has provided, the Central Personnel Data Files was the targeted database, and the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees.”
Cox goes on to say that he thinks the hackers have the Social Security number, military records and even veterans’ status information of every affected person. Addresses, birth dates, job and pay histories, health and life insurance and pension information, age, gender, and almost everything else you’d never want anyone else to know are included on his list as well.
Sounds bad? It’s not all. The letter states: “Worst, we believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous.”
I bet they now wish that “only” 4 million records got stolen …
The post OPM: Are Personnel Records of All Fed Workers Exposed? appeared first on Avira Blog.
US blames China for massive data breach
The OPM is responsible for human resources for the federal government which means they are the collectors and holders of personal data on all federal employees.
Law enforcement sources close to the breach stated that a “foreign entity or government”, possibly Chinese, was believed to be behind the attack, according to an article published in The Guardian.
It should be noted that the Chinese government stated that it was ‘not responsible’ and this conclusion was ‘counterproductive’.
The OPM carries out background checks on employees and holds data dating back to 1985. A successful attacker could gain access to records of past and present employees, with data that could even refer to retired employees and what they are doing now.
Regardless of whether you believe the continual finger pointing by one government at another, there are real people who are affected, and protecting them and their identity should be the priority.
Alarmingly, an official said to Reuters that “Access to data from OPM’s computers, such as birth dates, Social Security numbers and bank information, could help hackers test potential passwords to other sites, including those with information about weapons systems”.
How to stay safe
While those of us who do not work for the government won’t have been affected by this breach, what can we do to protect ourselves from identity theft?
- Ensure your online accounts are not using the email address and a password that could be guessed from personal information; if they are, then change the password.
- Keep a close watch on your credit reports. This will help you identify if someone is using your identity to take a line of credit in your name. Most credit scoring agencies allow you to run a report for free at least once.
- Spammers may send emails that look like they are coming from valid sources. Make sure to carefully scrutinize these emails – don’t click on links that look suspicious – and if in doubt contact the sending organization directly to ensure it’s an official communication.
- Avoid using the same email address or identity across multiple online accounts. For example, have a primary email address used for recovery of forgotten passwords and account information. Have a secondary email address for offline and online retail transactions. Have a third for financial accounts and sensitive information.
- Avoid Cold Calls: If you don’t know the person calling then do not hand over payment or personal details. If in doubt, hang up and call the organization directly to establish you are talking to legitimate operators.
- Set privacy settings: Lock down access to your personal data on social media sites; these are commonly used by cybercriminals to socially engineer passwords. Try AVG PrivacyFix; it’s a great tool that will assist you with this.
- Destroy documents: Make sure you shred documents before disposing of them as they can contain a lot of personal information.
- Check statements and correspondence: Receipts for transactions that you don’t recognize could show up in your mail.
- Use strong passwords and two factor authentication: See my previous blog post on this; complex passwords can be remembered simply!
- Check that sites are secure: When you are sending personal data online, check that the site is secure – there should be a padlock in the address or status bar or the address should have a ‘https’ at the start. The ‘s’ stands for secure.
- Updated security software: Always have updated antivirus software as it will block access to many phishing sites that will ask you for your personal data.
Also consider enlisting an identity monitoring service; commercial companies that have been breached often offer this reactively to the victims. Understanding where or if your identity is being abused in real time will give you the ability to manage issues as they happen.
OPM Data Breach: Data of 4 Million Federal Workers Exposed
According to the official news release, hackers managed to breach the Office of Personnel Management (OPM). With the information of 4 million federal government workers exposed, it is one of the biggest in the federal government’s history. The hack was discovered because “within the last year, the OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks”.
In order to determine the full impact the OPM is now investigating the issue together with the U.S. Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI).
In their statement the agency wrote: “Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.”
Sounds all good, but who is to blame? According to The Washington Post and the Wall Street Journal the hackers might have been Chinese, a link that China’s Foreign Ministry Spokesman calls “irresponsible”.
The post OPM Data Breach: Data of 4 Million Federal Workers Exposed appeared first on Avira Blog.