The FBI says Yu, also known as the hacker "GoldSun," runs a site selling malware, including Sakula, a rarely used Trojan that security firms believe was used to infiltrate OPM's computers. That data breach compromised the private information of 21.5 million government employees and applicants, as well as their spouses and close relatives. The attackers got away with almost 30 years' worth of info, including people's SSNs, fingerprint data, bank account numbers and other personal details.
In addition to selling malware, the FBI says Yu also colluded with two other unnamed hackers to launch cyberattacks on at least four US-based companies. Feds found records of him talking about using a remote access Trojan to infiltrate companies as far back as June 2011. In 2013, one of his accomplices allegedly used Sakula to hack a company in Massachusetts.
The government has long believed that OPM's hackers are from China, but authorities from the Asian country have been denying their involvement in the data breach. As a result of what's considered one of the worst hacks in US history, the government had to create the National Background Investigations Bureau within the OPM to take charge of background checks. Unlike its parent agency, the NBIB doesn't keep data in OPM's computers anymore. The Pentagon now stores any info the NBIB gets from current government employees and applicants in a cloud-based system designed specifically for that purpose.