Chinese citizens who have official or unofficial ties to U.S. government workers might be at-risk in connection to a breach of a federal personnel database that may have originated in Beijing in December, officials say. Photo: UPI/Stephen Shaver | License Photo
WASHINGTON, June 10 (UPI) -- Computer hackers who compromised a federal database of the Office of Personnel Management six months ago may have obtained the identities of a number of Chinese citizens who have ties to the U.S. government -- setting the scene for possible blackmail or retaliation, federal officials believe.
It was reported last week that the security breach happened in December, and that hackers had gained access to a vast database of government employees and other sensitive information -- which officials said might allow for future cyber attacks.
Some investigators, who reportedly believe the breach originated in China, are now concerned that a number of Chinese citizens with official and unofficial U.S. ties could be at risk if their names are now in Beijing's hands, the New York Times reported Wednesday.
Federal officials who have security clearances are sometimes required to list foreign contacts, which are then kept and maintained by the OPM. It's believed the hackers obtained many of these lists and officials are now attempting to find out whose names have been compromised.
"It gives the Chinese the ability to exploit who is listed as a foreign contact," cyberexpert James Lewis said in the Times report. "If you are a Chinese person who didn't report your contacts or relationships with an American [to the Chinese government], you may have a problem."
It is believed by some that Beijing is systematically targeting sensitive information to achieve a better understanding of the inner workings of the U.S. government, and possibly to gain further advantage through blackmail or intimidation. This, officials fear, may open the United States to future attacks.
The December breach, which was preceded by another hack about a year earlier, involved potentially four million present and former federal employees.
Although cyberattacks pose a great risk to national security, the OPM said Wednesday the fact that they even detected December's attack is encouraging.
"It was because of [some] new enhancements to our IT systems that OPM was able to identify these intrusions," the agency said.
The personnel office has been criticized because it did not encrypt the sensitive data exposed to the security breach. However, the agency said the breach was so sophisticated that encrypting the data likely would not have posed much of an obstacle to the hackers.
Investigators reportedly believe the hack originated in China, but no official accusation against Beijing has yet been made by any administration official.