Federal officials find another records breach

WASHINGTON – A second major intrusion into U.S. government employee records, this one designed to root out names of those who might be willing to spy for a foreign government, was uncovered during the investigation into the first such breach announced this month, two officials said Friday.

The newly discovered breach compromised financial histories and information on family members and foreign trips for as many as 4.1 million federal employees, according to a senior administration official and an FBI official.

Though the U.S. government has not announced who is behind the two cyberattacks, officials have said privately it is China.

After the discovery of the breach, which occurred in December, the Office of Personnel Management “immediately implemented additional security measures and will continue to add protections for the sensitive information it manages,” the official said.

The senior official and the FBI official spoke on the condition of anonymity because the case is continuing.

Last week, the OPM announced that a major intrusion had occurred into the agency’s personnel files of both current and former federal employees. That breach was discovered in April, and it was during an investigation into that intrusion that the officials learned of the earlier breach.

Also Friday, the White House Office of Management and Budget announced it was leading a “broad strategy to combat cyberthreats” and strengthen the federal government’s computer security.

“Recent events underscore the need to accelerate the administration’s cyberstrategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure,” the office said in a statement.