Chinese hackers breached the computer system of the Office of Personnel Management in December, officials said Thursday, and the agency will notify some 4 million current and former federal employees that their personal data may have been compromised.
The hack was the second major intrusion of the agency by China in less than a year.
OPM, using new tools, discovered the breach in April, said officials at the agency who declined to comment on who was behind the hack.
Other U.S. officials, who spoke on conditions of anonymity because it is an ongoing investigation, identified the hackers as being from China.
The data potentially exposed included employees’ job assignments, performance ratings and training, the officials said. The breach did not involve background or clearance investigations, they said.
With that understanding, she said, within the last year “OPM has undertaken an aggressive effort to update our cybersecurity posture, adding numerous tools and capabilities to our networks. As a result of adding these tools, we were able to detect this intrusion into our networks.”
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” said the agency’s director, Katherine Archuleta, in a statement.
This article originally appeared in The Washington Post
Read more from The Washington Post