— -- The FBI, Department of Homeland Security and other U.S. authorities are investigating a massive hack into federal systems that may have compromised the personal information of up to 4 million current and former government employees, federal agencies announced late today.
A U.S. official said the hack could impact workers in several federal agencies and that what's currently known is just "the tip of the iceberg."
“The FBI is working with our interagency partners to investigate this matter,” an FBI spokesman said in a statement. “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”
Authorities strongly suspect the hack came from within China, ABC News was told.
The announcement late today came shortly after the U.S. Office of Personnel Management said it had identified “a cybersecurity incident” two months ago affecting its information technology (IT) systems and data. Since then, OPM has adopted “tougher security controls,” OPM said.
Shortly after issues within OPM were first noticed, the FBI began mapping and scrubbing the agency's systems, and the FBI along with a cyber response team from within DHS began reviewing the malware associated with the data breach. The FBI and DHS then shared its analysis with those inside and outside government, including through the dissemination of an information bulletin about the malware to the private sector and other "cybersecurity stakeholders,” officials said.
“DHS has shared information regarding the potential incident with all Federal Chief Information Offices to ensure that all agencies have the knowledge they need to defend against this cybersecurity incident,” a DHS official added.