Federal officials are warning as many as four million current and former federal employees that potentially sensitive information may have been hacked, the Office of Personnel Management said on Thursday.
The agency, which is responsible for security clearances and background checks, said it was urging potential victims to monitor their financial statements and obtain new credit reports.
The federal agency learned of the breach in April 2015, the Department of Homeland Security said in a statement Thursday. A month later, the federal agency learned data had been compromised.
Authorities used a detection system called EINSTEIN to unearth the information breach after the April discovery of malicious activity. That activity was uncovered as the federal personnel office toughened its cybersecurity defense.
The FBI is now investigating what exactly led to the breach.
“We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace,” the FBI said in a statement.
The federal personnel office said “personally identifiable information” had been breached, though didn’t name who might be responsible.
The Washington Post and Wall Street Journal reported Thursday that Chinese hackers were responsible for the breach.
California Rep. Adam Schiff, the top Democrat on the House Intelligence Committee, said hackers are one of the “greatest challenges we face on a daily bases.”
“It’s clear that a substantial improvement in our cyber databases and defenses is perilously overdue,” Schiff said in a statement. “That’s why the House moved forward on cybersecurity legislation earlier this year, and it’s my hope that this latest incident will spur the Senate to action.”
Russia is believed to have been responsible for a separate data breach earlier this weekthat made 100,000 Americans’ tax returns vulnerable to criminals, when the Internal Revenue Service attacked.