Investigators connect massive federal hack to China

More information about the hack that leaked info on millions of US government employees -- including extremely detailed data from background checks -- is coming out now. While a computer security firm called CrowdStrike said it came from a Chinese group called "Deep Panda" that is also suspected of pilfering data from health insurer Anthem, others disagree. Representatives of another security company, FireEye, tell Re/code that it's linked to another distinct group of hackers in China that seem focused only on personal information.

Similarly, last year's Sony hacking by the "Guardians of Peace" also produced differing opinions over exactly where the hackers resided. Wherever they came from, Reuters reports US investigators discovered they used a technique similar to those used against Anthem -- registering a web address that looked like an official Office of Personnel Management site to try to phish employee passwords. The Washington Post, citing OPM officials, says the hackers had been in the system since June or July of last year, giving them plenty of time to identify and remove the most sensitive stuff.

In an interview, the OPM's director of IT security claimed that, contrary to reports by the Wall Street Journal, it had identified the malware on its systems prior to a tech demo by a security company. The information is out there now, and the motivations of the people who have it are so far unknown, even as these suggestions strain the relationship between the governments of the US and China.
