The Chinese hackers behind the latest breach of the Office of Personnel Management were also the culprits behind the massive breaches of health insurers Anthem and Premera Blue Cross, security researchers said.
OPM revealed Thursday that it was hacked by Chinese actors in December 2014, and some 4 million personal records for current and former federal employees had been accessed.
In conducting its investigation of the Anthem and Premera Blue Cross breaches, security firm iSight noticed technical indicators showing that the hackers may also have had OPM on their radar, and it believes that the hackers were after personal data on high-level U.S. officials, The Hill reported Friday.
Researchers and government officials said they suspect Beijing is behind the attacks, which they believe are part of a broad digital espionage scheme aimed at high-level targets.
“We believe that they’re taking this data as a means to an end,” said John Hultquist, iSight’s senior manager of online espionage, The Hill reported. “It’s a means to getting more strategic information or gaining access to other places.”
The Anthem breach, the largest health care data breach yet, exposed 80 million customers’ data, including Social Security numbers. Just a few weeks later, another breach at Premera Blue Cross exposed another 12 million customers’ records.
Investigators say that the hackers were looking for valuable intel on targets including defense contractors and government workers, possibly to gain access to those individuals’ sensitive accounts or to craft realistic-looking emails riddled with links to “phishing” attacks.
“They may have the information to impersonate them or may have been able to exploit them based on the fact that they have some sensitive information,” Mr. Hultquist said, The Hill reported.
Mr. Hultquist said he sees the same patterns at play in the OPM breach, which could provide the hackers with “stepping stones they can use for further activity.”
• Kellan Howell can be reached at khowell@washingtontimes.com.