Skip to content
Search

Latest Stories

2025 Threat Conference
cipherbrief

Welcome! Log in to stay connected and make the most of your experience.

Input clean

The System Remains Vulnerable

The Office of Personnel Management (OPM) was the victim of a cyber-attack in 2014.  Hackers (the Chinese are suspected) gained access to OPM’s local-area network on or about May 7, 2014 by stealing credentials and then planting malware and creating a backdoor for exfiltration.  Actual exfiltration of data on background investigations did not begin until July 3, 2014, and it continued until August. In October 2014, the hackers pivoted to the Interior Department center where OPM’s personnel records resided. On December 15, 2014, the intruders siphoned that data away.  OPM did not discover that they had a problem until April 15, 2015.  The attack was successful in stealing personal data on 22 million current or former federal employees.

While the number of personnel files is staggering, why is this the most significant breach of the U.S. Government (USG) to date?

Keep reading...Show less
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.
Subscriber+

Related Articles

America's Food Supply Has a Cyber Problem

OPINION — Fine-tuned sensors let farmers know which fields need more water and which crops need more fertilizer. But today, a hacker halfway around [...] More

Hackers are Taking Advantage of Gaps in U.S. Cybersecurity Policy

OPINION — When you press the power button on your computer, it turns on because a specialized code called firmware turns this stimulus into a signal [...] More

A New Year Means Further Transformative Shifts in Cyber

EXPERT PERSPECTIVE — 2023 saw the start of a transformative shift in cybersecurity, bringing both new opportunities and new challenges to the [...] More

We Have a New National Cybersecurity Strategy. Now What?

OPINION — The new National Cybersecurity Strategy is clear and concise, laying out the case for a more robust and engaged approach to defending our [...] More

How Public and Private Entities Can Fight Cybercrime

OPINION — For years, cybercrime was dismissed as an afterthought. Indeed, it wasn’t long ago that the FBI leadership famously dismissed it as [...] More

The US Needs A Cybersecurity Strategy Sooner, not Later

OPINION – The United States is under attack. U.S. organizations and businesses are being targeted with cyberattacks from nation states and criminal [...] More