A data breach discovered by a US government agency last year has been under investigation over the past few years, and the results are stunning. The investigation found that the hack was effectively brought on by the agency itself through a seemingly endless series of mistakes. The findings come from a comprehensive congressional report released on Wednesday. The breach affected the Office of Personnel Management (OPM), which handles federal employees' data.
The hack, which happened last year, resulted in the loss of sensitive personal records of close to 21.5 million government employees, including 5.6 million fingerprints. It is believed to have been carried out by two Chinese groups, which many people believe are affiliated with the Chinese government. The report also indicated that the OPM had lax security and that the Chinese groups simply took advantage of its poor security hygiene.
The groups went undetected on the agency's systems for a few months, which in turn embarrassed the OPM. They rubbed salt into the agency's wounds by taunting its forensic investigators with superhero names from the popular Marvel franchise, and managed to steal data from under their noses.
When OPM eventually found out about the hack in March 2014, it saw that the intrusion had actually begun in July 2012. After finding out about the problem, the agency, with the help of the US Department of Homeland Security's Computer Emergency Readiness Team, was able to monitor the activities of the hacking groups.
A month after everything had happened, the hackers registered the domain ‘Opmsecurity[.]Org’ under the name Steve Rogers, Captain America's alter ego. The hackers went on to use this domain as a command-and-control server, through which they were eventually able to steal data from the OPM servers.
At this time, OPM thought it had the hacker's actions under control, but it did not know that another hacker had already come in and was disguising himself as one of the employees at OPM. OPM made efforts to remove the first hacker in an operation called Big Bang. According to the report, which was commissioned by the US House Oversight and Government Reform Committee, the operation was said to be a successful one.
However, the second hacker remained inside, undetected, and in July 2014 registered another domain in the name of another Marvel superhero, Tony Stark, also known as Iron Man in some circles. The report noted that the hacker groups also used this domain as a command center, and managed to steal data from under the noses of OPM again.