Culture

How Hackers Stole 21 Million People’s Records From the Government

By Sean Cunningham
November 21, 2016 5:00 am
One of a group of hackers at work (Olympus Digital Camera/Getty Images)

 

Hackers aren’t picky about whom they attack, and the U.S. Office of Personnel Management was one of those targets. Indeed, the government agency reportedly fends off 10 million attempted digital intrusions each month (generally, phishing attacks and similar assaults). But on April 15, 2015, what they discovered was unexpectedly horrifying. Malware had been operational for nearly an entire year, and it was linked to a group of hackers who had previously taken part in incredibly successful thefts. (For instance, they were responsible for hacking insurance provider Anthem, exposing the data of millions of patients.)

Thus began the search for the malware in the largely out-of-date network of 15,000 computers. The security team searched day and night, discovering 2,000 unrelated pieces of malware in the process. They concluded that employee credentials had been stolen, but determining which ones was an agonizingly slow process. (One method: determining whether or not an employee was genuinely on vacation, even though they were still “active.”)

It became clear that the hackers had struck a goldmine, accessing the data from millions of background checks, complete personnel files, and even digital images of government employee fingerprints.

Needless to say, the discovery of the extent of the breach caused a panic. Members of the Office of Personnel Management leadership were replaced and new security measures were implemented. But Brendan A. Koerner writes for Wired that all the changes ignore the crucial lesson hackers have repeatedly taught us:

“We’re overly focused on prevention at the expense of mitigation. One reason these attackers can do so much damage is that the average time between a malware infection and discovery of the attack is more than 200 days, a gap that has barely narrowed in recent years.”

To read the full article and learn about a new approach to combatting hackers, click here. To hear from a cyber security expert about the cyberattack that occurred just last month, click here.

More Like This

Beyonce in a cowboy hat
“Texas Hold ‘Em” Isn’t Beyoncé’s First Rodeo 
Airplanes landing
One Side Effect of a Government Shutdown? More Travel Delays.
WGA Strike signs
Report: WGA, Studios Reach "Tentative Agreement" on New Contract
Robot police signage
Giant Police Robot Begins Patrolling NYC Subway
Culture

Most Popular

The South Summit of Mount Everest from Camp VII in Nepal.
Excerpt: What Jon Krakauer’s “Into Thin Air” Got Wrong About Everest
An illustration of a man and woman talking. We explore the phenomenon of men not asking women questions on dates.
Men Aren’t Asking Women Questions on Dates. It’s a Problem.
An illustration of three young men after a soccer match next to the words "I Love You." We discuss the difficulty straight men still have expressing their love for their male friends.
Three Words Straight Guys Still Can’t Say to Each Other
Bill Belichick coaching for the New England Patriots in 2019.
Bill Belichick Gets ESPN Hit Piece for His Birthday
The 11 Best Vetiver Colognes On the Market
11 Fresh and Unique Vetiver Colognes We Love
Two guy friends, one sitting playing guitar and the other on piano. Here's the friendship advice from my dad and his bandmate of nearly 50 years.
Friendship Advice From My Dad and His Best Pal of 50 Years

Recommended

Suggested for you

The South Summit of Mount Everest from Camp VII in Nepal.
Excerpt: What Jon Krakauer’s “Into Thin Air” Got Wrong About Everest
An illustration of a man and woman talking. We explore the phenomenon of men not asking women questions on dates.
Men Aren’t Asking Women Questions on Dates. It’s a Problem.
An illustration of three young men after a soccer match next to the words "I Love You." We discuss the difficulty straight men still have expressing their love for their male friends.
Three Words Straight Guys Still Can’t Say to Each Other
Bill Belichick coaching for the New England Patriots in 2019.
Bill Belichick Gets ESPN Hit Piece for His Birthday
The 11 Best Vetiver Colognes On the Market
11 Fresh and Unique Vetiver Colognes We Love
Two guy friends, one sitting playing guitar and the other on piano. Here's the friendship advice from my dad and his bandmate of nearly 50 years.
Friendship Advice From My Dad and His Best Pal of 50 Years

The InsideHook Newsletter.

News, advice and insights for the most interesting person in the room.

More Culture, Right This Way

A rendering of the Team USA House

For the First Time Ever, Team USA House Will Be Open to the Public

Tom Brady throwing a pass for the Tampa Bay Buccaneers.

Report: Tom Brady Paid for Successful Plays in Tampa Bay

Bill Belichick coaching for the New England Patriots in 2019.

Bill Belichick Gets ESPN Hit Piece for His Birthday

Scottie Scheffler celebrates after winning the 2024 Masters.

Ratings Show Scottie Scheffler’s Golf Stardom Is Far From Confirmed

Explore More Culture

Keep Reading

An illustration of three young men after a soccer match next to the words "I Love You." We discuss the difficulty straight men still have expressing their love for their male friends.

Three Words Straight Guys Still Can’t Say to Each Other

A whiskey thief pouring bourbon from a barrel into a Glencairn at Bardstown Bourbon Company

For Whiskey Geeks, “Sourced” Is No Longer a Dirty Word 

Regardless of what kind of traveler you are, California has a park for you.

Which California National Park Is for You?

people dancing in a nightclub, orange dim lighting

The Best Bars in Dallas’s Bishop Arts District