Massive Hack Exposes Data of 4 Million Federal Employees

June 4, 2015 Approximately four million former and current federal employees may have had personally identifiable information stolen as part of a massive cyber theft announced by the administration Thursday.

The Office of Personnel Management, the federal government's human resources office, is warning employees who may be affected to be on the lookout for financial fraud. The office, which handles security clearances and other sensitive information, said it identified that its systems had been breached in April.

"Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM," Katherine Archuleta, the office's director, said in a statement. 

The office said it upgraded security on its servers after the breach, instating anti-malware software on its systems and reviewing connections to make sure "only legitimate business connections have access to the internet."

In a statement, the FBI said it is investigating the breach and vowed to "hold accountable those who pose a threat in cyberspace."

According to reports in the Washington Post and Wall Street Journal, federal authorities believe China to be the culprit, marking the second time over the past year that the country has succeeded in penetrating the federal government's cyberdefenses. Both China and Russia constantly wage cyberattacks on the U.S.

In response to the hack, OPM said it will offer free credit monitoring to affected employees.

Rep. Adam Schiff, a California Democrat, said the hack should prompt Congress to swiftly pass legislation increasing the sharing of certain cyber-threat data between the private sector and the government. Measures to that effect passed the House last month, but the Senate has yet to bring a proposal to the floor.

"This latest intrusion … is among the most shocking because Americans may expect that federal computer networks are maintained with state of the art defenses," Schiff, the top Democrat on the House Intelligence Committee, said in a statement.

"The cyber threat from hackers, criminals, terrorists and state actors is one of the greatest challenges we face on a daily bases, and it's clear that a substantial improvement in our cyber databases and defenses is perilously overdue, he added. "That's why the House moved forward on cybersecurity legislation earlier this year, and it's my hope that this latest incident will spur the Senate to action."

Privacy advocates, however, warn that such information-sharing legislation could embolden government surveillance by handing over more data to the National Security Agency.

Kaveh Waddell contributed to this article.