OPM
Latest
Fraudster caught using OPM hack data from 2015
Way back in 2015, the US Office of Personnel Management (OPM) was electronically burgled, with hackers making off with 21.5 million records. That data included social security numbers, fingerprints, usernames, passwords and data from interviews conducted for background checks. Now, a woman from Maryland has admitted to using data from that breach to secure fraudulent loans through a credit union.
2015's big hacks, attacks and security blunders
The security breaches, blunders, and disasters of 2015 tanked our trust in health insurance providers, credit agencies, the IRS, car manufacturers, connected toys for kids, and even "adult" dating sites. These stories shaped 2015, and forever changed the way we see data privacy and security. Most importantly, these painful moments in computer security affected millions, shaped government policy and validated our paranoia.
China says OPM breach was the work of criminal hackers
China says the massive security breaches at the US Office of Personnel Management (OPM) that exposed the personal information of more than 21.5 million US government employees, contractors, veterans and friends of personnel, was the work of criminal hackers within China and not state-sponsored. This new information was reported by the Xinhua news agency.
OPM hackers took more fingerprint data than first thought
It's safe to say that the Office of Personnel Management data breach was already bad news for government workers, but things just got a bit worse. The agency now estimates that the intruders took the fingerprints of 5.6 million people, not the originally determined 1.1 million. Yes, that's five times more than first thought. Officials are quick to note that this digit data won't be as useful to the hackers as the other sensitive information leaked through the attack (fooling a fingerprint reader requires some skill). However, there's a concern that the thieves could find a way to misuse those prints -- and it's not as if you can change your fingers once they've been compromised. While there's no immediate reason to panic if you've worked for the feds, there could be additional trouble down the road. [Image credit: Bloomberg via Getty Images]
After Math: The price of doing business
This week on the After Math, we're all about the benjamins. Between four major corporations shelling out $413 million over an employee anti-poaching scheme, the feds spending $133 million to protect victims of the OPM breach and the new cost of Hulu doing what every other streaming service on the market already does, there's a whole bunch of money changing hands.
US will pay over $133 million to protect OPM data breach victims
That massive data breach at the US Office of Personnel Management is going to cost the country a lot more than you might think. Officials have awarded ID Experts a contract to protect the 21.5 million affected government workers against identity theft. The arrangement will cost the government at least $133.3 million, and options could bring its value to as high as $329.8 million. Suddenly, Sony's identity protection offer following the 2011 PSN breach seems like small potatoes. And that's just part of a smaller effort to mitigate the effects of data breaches -- the General Services Administration has handed out a separate $500 million contract for responding to these kinds of attacks.
US reportedly planning to scare off China's hackers, somehow
So how will the US government respond to a recent spate of attacks by hackers, including one that extracted an unprecedented amount of data on government employees from the Office of Personnel Management (OPM)? The LA Times and New York Times suggest the Obama administration has decided it must retaliate against China, which is believed to be behind the attacks, but is still working out how to do it. Comments from government officials like Director of National Intelligence James Clapper have highlighted "deterrence" as an ideal outcome, but how?
Pentagon shuts down Joint Chiefs' email network
The Department of Defense reportedly shut down an unclassified email system on Tuesday after detecting "suspicious activity" over the weekend, according to CNN. The network served General Martin Dempsey, chairman of the Joint Chiefs of Staff, as well as a number of civilian contractors. The Pentagon refused to release many details about the attack, even what the "suspicious activity" was; instead downplaying the hack as a run-of-the-mill cyber attack that caused minimal damage.
White House may find more data breaches following security 'sprint'
When investigators discovered that the US Office of Personnel Management had suffered a massive data breach, the White House kicked off a 30-day cybersecurity "sprint" in hopes of boosting its defenses and checking for vulnerabilities. Well, that mad dash is over -- and the government might not like what it found. Chief Information Officer Tony Scott tells Reuters that there's a "realistic chance" that the feds will have word of more intrusions when they share details on July 20th. That kind of discovery won't be completely surprising given how much the US has come under attack, but it could make the OPM breach just one piece of a much larger puzzle.
OPM director steps down after hacks affected more than 20 million
In the last year the federal government's Office of Personnel Management has been hit by at least two separate attacks by hackers. The first one that came to light affected the info on some four million people, while another has apparently seen sensitive background check info on more than 20 million people fall into the wrong hands. While OPM director Katherine Archuleta pledged yesterday to stay on and lead efforts to secure the department's systems, today ABC News and The Hill report Archuleta handed in her resignation to President Obama.
Hackers stole 21.5 million Social Security Numbers in government breach
Last month, the US Office of Personnel Management (OPM) learned it was the victim of a massive cyberattack -- a breach that compromised personnel data of 4.2 million current and former federal employees. That's really bad. While investigating the incident, the OPM found evidence of another attack: one that compromises the privacy of 21.5 million individuals from the organization's background check database. That's a lot worse.
OPM shutters web background checks for security enhancements
The Office of Personnel Management has decided to suspend its web-based background checks for the time being. In particular, it has pulled down the Electronic Questionnaires for Investigations Processing system (e-QIP) "for an extended period of time." According to a notice posted on its website, the downtime's necessary "for security enhancements" -- if you recall, OPM was recently the target of a massive hack that exposed the SSNs and other sensitive info of at least 4 million people who've been employed by the government from as far back as 1985.
Investigators connect massive federal hack to China
More information about the hack that leaked info on millions of US government employees -- including extremely detailed data from background checks -- is coming out now. While a computer security firm called CloudStrike said it came from a Chinese group called "Deep Panda" that also is suspected of pilfering data from health insurer Anthem, others disagree. Representatives of another security company, FireEye, tells Re/code that it's linked to another distinct group of hackers in China that seem focused only on personal information.
Background info on US spies, military stolen by hackers
Wondering how the recently uncovered hack covering personal information from millions of government employees could be worse? We now have our answer, as sources have told the Associated Press and other outlets that in another breach, hackers accessed data from security clearance checks for military and intelligence personnel. Called Section Form 86, you can see what's covered right here (PDF). Its 127 pages cover personal data like your name and Social Security Number (and the name and SSN of the person you live with), then dive deeper into your family history, where you've lived, who you know, how regularly you drink, any loans you have, if you've ever been treated for mental illness, etc.
Hackers stole all federal employees' SSN and private info, union says
A federal worker union claims that the massive Office of Personnel Management hack reported last week is even bigger and more damaging than the government cares to admit. The American Federation of Government Employees believes the hackers stole the social security number of every current federal employee and retiree, along with the SSNs of up to a million former workers. Associated Press has also obtained a letter addressed to OPM and written by AFGE's president, J. David Cox, where he listed the other types of info stolen from OPM's database: military records and veterans' status information, address, birth date, job and pay history, health insurance, life insurance and pension information; and age, gender and race data. Meanwhile, the Wall Street Journal reports the hackers were inside for more than a year before a sales demo by a tech firm discovered malware in the network.
Hackers in giant federal breach got 30 years of worker info
Just how bad was the hack that compromised the info of 4 million US government workers? Exceptionally bad, if you ask anonymous officials talking to Reuters. They understand that the Office of Personnel Management breach exposed data going as far back in time as 1985, which could reveal what about 1.9 million staffers did after they left federal employment. It's not certain exactly what was taken, but the hack may have exposed bank info, birthdays and Social Security numbers -- the kind of sensitive content that could lead to breaches elsewhere.
Massive hack compromises 4 million federal employees' private info
A group of hackers has attacked the Office of Personnel Management (OPM), stealing sensitive data on 4 million current and former American federal employees. Law enforcement sources tell Reuters that the government believes the perpetrators are from China and have penetrated not just OPM's IT systems, but also the records it stores at the Department of the Interior's data center. According to the New York Times, security researchers believe it's the same crew that attacked insurance companies Anthem and Primera. As you might know, OPM is in possession of a huge number of personnel info since it's in charge of conducting background checks on potential federal employees. It probably looks like a goldmine for data thieves and was even targeted last year (nothing was stolen at that time, though) by a group, which the government suspects is also based in China.
Faux PS4 built based on rumored specs, gets rumored results
The fine people at Official PlayStation Magazine UK trust the PlayStation 4 spec rumors enough to build the entire next-gen console with the assumed parts, which are all off-the-shelf PC pieces. Rumors have the PS4 using an AMD A8 3850 processor and AMD Radeon HD 7670 graphics card, the latter of which is identical to a mid-range, year-old AMD graphics card, the HD 6670. The processor is a "cheap" CPU solution, OPM writes.With that stellar introduction, OPM tested its fake PS4 against an Intel i7 2700K with Just Cause 2, and against the PS3 with Bulletstorm and Skyrim. OPM tracked rendering and frame-rate benchmarks for each system, and was underwhelmed with the results. Just Cause 2 was clocked at 21 frames per second, and the other two stuck around 30, but with barely noticeable graphics improvements from the PS3 version.Again, these are only the rumored PS4 specs, and simply duct-taping them all together and popping in a game doesn't equate a true, finished console. Techradar's components editor Dave James offered some insight into OPM's test: "Sadly just benchmarking the relevant PC components in the current crop of Windows-compatible games wont give you much of an idea how a PS4 utilising those components would actually perform."Coding on closed-platform devices, like consoles, means you can squeeze every last drop of performance out of the hardware because you know that every one of those devices will be exactly the same."Sony may use newer versions of the graphics card and processor as well, James said. The moral of this story, then: Rumors are rumors. Image credit: OPM
PTOM rumor: inFamous 2 coming in 2010
The latest issue of PlayStation: The Official Magazine (detailing Crysis 2) has a seemingly innocent feature called "Second to None" in its news section. Promising "the scoop on three hugely anticipated sequels slated for 2010," the magazine details Batman: Arkham Asylum 2, Star Wars: The Force Unleashed 2, and inFamous 2. Wait, what? If you didn't notice, one of these three games hasn't been officially announced. The magazine speculates that inFamous 2 will "[pick] up a significant time after the first game, offering a reshaped metropolis." A Sony representative shot down the magazine's report though, stating, "we do not comment on rumor or speculation." While Sony remains hush about an inFamous sequel, it seems reasonable to assume that it's only a matter of time before the game comes to fruition. However, the 2010 date pegged by the magazine is likely speculation: The sequel to Batman: Arkham Asylum, while announced, hasn't been dated for a release this year. Would both Rocksteady and Sucker Punch be able to turn over sequels to their summer blockbusters just one year after they release? And most importantly, would gamers even want that?
Future's future in print not looking bright in the US
Despite an uptick in UK magazine sales it seems that Future Publishing is not seeing quite as encouraging numbers in the US. Its magazines in the region (Nintendo Power and the official Microsoft and Sony mags) have seen the company's revenue fall by 2% over the last three months, calling into question how sustainable that particular medium is in the current economic climate. Print advertising revenues fell by 4% during the same period, while online advertising revenue increased by 25%. 2 million new users have been accessing its web content (which includes GamesRadar) since September, bringing the total to over 20 million. A far larger reach than is realistically possible with a magazine. All the signs are pointing to the death of print media in the US; you need only think back a few weeks to the closure of EGM to realize that. Future is putting on a brave face, stating that it will "remain confident that we're in the best shape we can be to deal with whatever challenges lie ahead and are on track to deliver against expectations for the full year." The company's gaming section is proving to be less resilient to the economic crisis than its other sectors, such as music or technology. With almost a third of its entire library devoted to video games, however, this decline is certainly troubling.
