Chinese Government Suspected of Backing Hackers in Post Office Breach
An unidentified hacker group accessed personal info on more than 80,000 USPS employees.
A hacker group accused of being backed by the Chinese government is suspected of accessing data on more than 800,000 United States Postal Service (USPS) employees.
The agency released a statement this week acknowledging that an intrusion into its networks had occurred and that it is working with the FBI in an ongoing investigation. According to the USPS, the breach was limited to its employee database, and customer data (including payment information) was never accessed.
"Information potentially compromised in the incident may include personally identifiable information about employees, including names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment, emergency contact information and other information," wrote USPS's David Partenheimer in a released statement.
While the USPS did not give any insight into the motive or the identity of the attackers, The Washington Post on Monday reported that a hacker group working for the Chinese government is suspected. Citing an anonymous source close to the investigation, the publication said that the incident, which occurred sometime in September, was pulled off by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud."
According to James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies, the attackers will probably not do anything with the information beyond collecting and filing the government employee data. "They're just looking for big pots of data on government employees," Lewis said to The Post. "For the Chinese, this is probably a way of building their inventory on U.S. persons for counterintelligence and recruitment purpose."
It's unclear which of the high-profile hacker groups accused of working hand in hand with the Chinese government was involved in this specific attack. Last week security firm Novetta Solutions released a report (PDF) detailing a relatively new group called Axiom. The cyber crime ring, which has ties to the Chinese government, is believed to be responsible for targeting 43,000 systems of government and law enforcement personnel from across the globe.
While no connection has yet been established between the breach and the group, the hack would line up with what Novetta Solutions says is one of the primary functions of Axiom. "Information held by these organizations includes details on individuals with access to confidential or classified information, which would be extremely useful for intelligence and counterintelligence operations," read the report. "Additionally, it should be noted that this sort of information could also be used to enable or extend technical and human operations against target organizations and individuals."