The CIA has decided to withdraw its staff from the US embassy in China after data stolen from government computers could expose its agents, the Washington Post reports.
In April, data about some 21 million federal employees was stolen in a massive attack on the US Office of Personnel Management (OPM).
Security companies have blamed Chinese state hackers for the attack.
Removing the CIA staff was “precautionary”, agency officials told the Washington Post.
The CIA declined to comment directly on the matter.
Information about CIA staff was not in the massive cache of files stolen from OPM computers, but other records about background checks carried out by the State Department on employees were copied in the raid.
The CIA fears that by comparing the list of those who have been checked with the roster of known embassy personnel could help the Chinese expose its intelligence workers.
Those working at the embassy but not checked by the State Department were CIA agents, said the newspaper, citing “unnamed officials”.
The danger that trawling through the data would expose intelligence agents was also raised by CIA Director James Clapper during a hearing before the Senate Armed Services Committee.
James Clapper said the breach had “potentially very serious implications” for the intelligence community by identifying its agents in other countries.
“This is a gift that’s going to keep on giving for years,” he told the Senate committee looking into the cyber-threats facing the US and the steps the nation took to combat them.
James Clapper added the US itself engaged in the types of cyber-attacks China had been accused of.
Chinese hackers appear to have accessed sensitive data on US intelligence and military personnel, American officials say.
Details of a major hack emerged last week, but officials have now given details of a potential second breach.
It is feared that the attack could leave US security personnel or their families open to blackmail.
The Office of Personnel Management (OPM), is yet to comment on the reports.
Officials, who spoke on condition of anonymity to the Associated Press, believe the attackers have targeted the forms submitted by intelligence and military personnel for security clearances.
The document includes personal information – everything from eye color, to financial history, to past substance abuse, as well as contact details for the individual’s friends and relatives.
Photo Getty Images
A 127-page vetting document called Standard Form 86 may have been accessed. Among the questions potential employees are asked:
In the past seven years, have you defaulted on any loans?
Have you ever voluntarily sought counseling or treatment as a result of your use of alcohol?
In the last seven years, have you illegally used any drugs or controlled substance?
A White House statement said investigators had a “high degree of confidence” that background information on government employees had been accessed.
Joel Brenner, a former US counterintelligence official, called the data a “gold mine” for hackers.
It is also believed the breach of personal data of US government workers announced last week may be far larger than previously reported.
Initial estimates put the number of people potentially affected at four million, but officials close to the investigation told AP that as many as 14 million might be involved.
The US has said the hackers, thought to be behind both attacks, are believed to be based in China. Beijing called the claims “irresponsible”.
The Obama administration meanwhile announced further measures to beef up cybersecurity on June 12.
A White House statement said: “Recent events underscore the need to accelerate the administration’s cyber strategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure.”
Nearly four million US government workers have been hit by data breach, officials said.
Chinese hackers are suspected of carrying out the “massive breach” of the personal data of the Office of Personnel Management (OPM) employees.
OPM has confirmed that both current and past employees had been affected.
The breach could potentially affect every federal agency, officials said.
The hackers were believed to be based in China, officials said. Beijing responded by calling such claims “irresponsible”.
OPM said it became aware of the breach in April during an “aggressive effort” to update its cyber security systems.
It said it would be contacting all those individuals whose personal data may have been breached in the coming weeks, and offering them 18 months of free credit monitoring and identity theft insurance.
OPM serves as the human resource department for the federal government. The agency issues security clearances and compiles records of all federal government employees.
Information stored on OPM databases includes employee job assignments, performance reviews and training, according to officials.
The breach did not involve background checks and clearance investigations, officials said.
Susan Collins, a member of the Senate Intelligence Committee, said the hackers were believed to be based in China.
She called the breach “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances”.
China denied there was any official involvement in the attack.
China’s foreign ministry spokesman Hong Lei said at a regular briefing: “Cyber attacks are generally anonymous and conducted across borders and their origins are hard to trace.
“Not to carry out a deep investigation and keep using words such as <<possible>> is irresponsible and unscientific.”
The FBI and the Department of Homeland Security are said to be investigating the latest breach.
This website has updated its privacy policy in compliance with EU GDPR 2016/679. Please read this to review the updates about which personal data we collect on our site. By continuing to use this site, you are agreeing to our updated policy. AcceptRejectRead More
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.