164:, wrote in a letter to OPM director Katherine Archuleta that, based on the incomplete information that the AFGE had received from OPM, "We believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees." Cox stated that the AFGE believes that the breach compromised military records, veterans' status information, addresses, dates of birth, job and pay history, health insurance and life insurance information, pension information, and data on age, gender, and race.
148:(SF 86) (Questionnaire for National Security Positions). SF-86 forms contain information about family members, college roommates, foreign contacts, and psychological information. Initially, OPM stated that family members' names were not compromised, but the OPM subsequently confirmed that investigators had "a high degree of confidence that OPM systems containing information related to the background investigations of current, former, and prospective federal government employees, to include U.S. military personnel, and those for whom a federal background investigation was conducted, may have been exfiltrated." The
131:
was not CyTech
Services that uncovered the infiltration; rather, it was detected by OPM personnel using a software product of vendor Cylance. Ultimately, the conclusive House of Representatives' Majority Staff Report on the OPM breach discovered no evidence suggesting that CyTech Services knew of Cylance's involvement or had prior knowledge of an existing breach at the time of its product demonstration, leading to the finding that both tools independently "discovered" the malicious code running on the OPM network.
329:, criticized the appointment of Archuleta to be "in charge of one of the most sensitive agencies" in the U.S. government, saying: "What is her experience to run something like that? She was the national political director of Barack Obama's 2012 re-election campaign. She's also the head of something called the Latina Initiative. She's a politico, right? ... That is the kind of person they have put in."
345:
A July 22, 2015 memo by
Inspector General Patrick McFarland said that OPM's Chief Information Officer Donna Seymour was slowing her investigation into the breach, leading him to wonder whether or not she was acting in good faith. He did not raise any specific claims of misconduct, but he did say that
58:
In June 2015, OPM announced that it had been the target of a data breach targeting personnel records. Approximately 22.1 million records were affected, including records related to government employees, other people who had undergone background checks, and their friends and family. One of the largest
254:
and pleaded guilty to the federal offense of conspiracy to commit computer hacking and was subsequently deported to China. He was sentenced to time served in
February 2019 and permitted to return to China; by the end of that year, Yu was working as a teacher at the government-run Shanghai Commercial
74:
The data breach consisted of two separate, but linked, attacks. It is unclear when the first attack occurred but the second attack happened on May 7, 2014, when attackers posed as an employee of KeyPoint
Government Solutions, a subcontracting company. The first attack was discovered March 20, 2014,
130:
security company CyTech
Services that uncovered the infiltration. These reports were subsequently discussed by CyTech Services in a press release issued by the company on June 15, 2015 to clarify contradictions made by OPM spokesman Sam Schumach in a later edit of the Fortune article. However, it
349:
In 2018, the OPM was reportedly still vulnerable to data thefts, with 29 of the
Government Accountability Office's 80 recommendations remaining unaddressed. In particular, the OPM was reportedly still using passwords that had been stolen in the breach. It also had not discontinued the practice of
290:
quoted unnamed senior
American officials saying that Chinese hackers had broken into OPM. The officials said that the hackers seemed to be targeting files on workers who had applied for security clearances, and had gained access to several databases, but had been stopped before they obtained the
336:
of sensitive data. OPM CIO Donna
Seymour countered that criticism by pointing to the agency's aging systems as the primary obstacle to putting such protections in place, despite having encryption tools available. DHS Assistant Secretary for Cybersecurity and Communications Andy Ozment explained
219:. The breach also consisted of a malware package which installed itself within OPM's network and established a backdoor. From there, attackers escalated their privileges to gain access to a wide range of OPM's systems. In an article that came out before the House Oversight report,
346:
her office was fostering an "atmosphere of mistrust" by giving him "incorrect or misleading" information. On Monday 22 February 2016, CIO Donna
Seymour resigned, just two days before she was scheduled to testify before a House panel that is continuing to investigate the data breach.
337:
further that, "If an adversary has the credentials of a user on the network, then they can access data even if it's encrypted, just as the users on the network have to access data, and that did occur in this case. So encryption in this instance would not have protected this data."
259:. Yu was sentenced to pay $ 1.1 million in restitution to companies targeted by the malware, although there is little possibility of actual repayment. Yu was one of a very small number of Chinese hackers to be arrested and convicted in the U.S.; most hackers are never apprehended.
280:
semi-annual report to
Congress warned of "persistent deficiencies in OPM's information system security program," including "incomplete security authorization packages, weaknesses in testing of information security controls, and inaccurate Plans of Action and Milestones."
307:. She responded that neither she nor OPM chief information officer Donna Seymour would do so. "I am committed to the work that I am doing at OPM," Archuleta told reporters. "I have trust in the staff that is there." On July 10, 2015, Archuleta resigned as OPM director.
362:
stated: "It is a very big deal from a national security perspective and from a counterintelligence perspective. It's a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government."
172:
The stolen data included 5.6 million sets of fingerprints. Biometrics expert Ramesh Kesanupalli said that because of this, secret agents were no longer safe, as they could be identified by their fingerprints, even if their names had been changed.
840:
203:
tool used to carry out the intrusion, PlugX, has been previously used by Chinese-language hacking groups that target Tibetan and Hong Kong political activists. The use of superhero names is also a hallmark of Chinese-linked hacking groups.
618:
267:
Whether the attack was motivated by commercial gain remains unclear. It has been suggested that hackers working for the Chinese military intend to compile a database of Americans using the data obtained from the breach.
1059:
379:
332:
Security experts have stated that the biggest problem with the breach was not the failure to prevent remote break-ins, but the absence of mechanisms to detect outside intrusion and the lack of proper
629:
1088:
207:
The House Committee on Oversight and Government Reform report on the breach strongly suggested the attackers were state actors due to the use of a very specific and highly developed piece of
1690:
1710:
1328:
474:
2865:
303:
Some lawmakers made calls for Archuleta to resign citing mismanagement and that she was a political appointee and former Obama campaign official with no degree or experience in
1104:
926:
126:
later reported that it was unclear how the breach was discovered. They reported that it may have been a product demonstration of CyFIR, a commercial forensic product from a
246:
In 2017, Chinese national Yu Pingan was arrested on charges of providing the "Sakula" malware used in the OPM data breach and other cyberintrusions. The FBI arrested Yu at
1250:
865:
563:
99:
1376:
1310:
212:
88:
1277:
1862:
1402:
32:
2870:
2845:
1680:
943:
509:
251:
161:
71:, as well as names, dates and places of birth, and addresses. State-sponsored hackers working on behalf of the Chinese government carried out the attack.
2860:
1185:
957:
890:
762:
418:
370:
said: "You have to kind of salute the Chinese for what they did. If we had the opportunity to do that, I don't think we'd hesitate for a minute."
904:
1225:
186:
814:
1670:
1439:
655:
1794:
2208:
1675:
683:
64:
534:
215:
official Andy Ozment testified that the attackers had gained valid user credentials to the systems they were attacking, likely through
2342:
2324:
1825:
1603:
1369:
1012:
52:
2348:
1874:
1835:
1470:
247:
196:
44:
1649:
1135:
2408:
2354:
1929:
1820:
1105:
The OPM Breach Is a Catastrophe: First the government must own up to its failure. Then the feds should follow this plan to fix it
789:
1030:
295:, the director of OPM, said that the most important thing was that no personal identification information had been compromised.
1756:
1593:
1495:
277:
2855:
1815:
1588:
1695:
1407:
1397:
1362:
1163:
216:
2569:
1959:
1746:
1685:
1644:
1542:
1345:
350:
sharing administrative accounts between users, despite that practice having been recommended against as early as 2003.
2064:
1799:
1562:
149:
2753:
2094:
1949:
1741:
1634:
1578:
103:
36:
2234:
2203:
1830:
2372:
1939:
1857:
1763:
1736:
325:
1121:
91:(DHS), was discovered March 20, 2014 when a third party notified DHS of data exfiltration from OPM's network.
447:
2528:
2192:
1665:
1598:
1444:
591:
2402:
2258:
2089:
1751:
68:
2850:
2543:
2378:
2162:
1526:
384:
191:
The overwhelming consensus is that the cyberattack was carried out by state-sponsored attackers for the
182:
35:(OPM). One of the largest breaches of government data in U.S. history, the attack was carried out by an
619:"The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation"
2306:
2187:
1899:
1608:
1557:
1552:
990:
737:
394:
200:
2805:
2677:
1705:
1521:
891:"OPM Hack Far Deeper Than Publicly Acknowledged, Went Undetected For More Than A Year, Sources Say"
315:
292:
240:
76:
48:
276:
The OPM had been warned multiple times of security vulnerabilities and failings. A March 2015 OPM
2815:
2810:
2707:
2336:
2099:
2025:
1715:
1516:
1190:
1140:
286:
237:. However these were discussed as poor security practices but not the actual source of the leak.
192:
127:
711:
419:"U.S. Suspects Hackers in China Breached About four (4) Million People's Records, Officials Say"
233:
in every database was physically located in China and another contractor had two employees with
1211:
2820:
2702:
2672:
2276:
2132:
1490:
1454:
965:
75:
but the second attack was not discovered until April 15, 2015. In the aftermath of the event,
60:
2748:
2600:
2523:
2172:
2109:
1984:
1433:
389:
367:
310:
234:
145:
112:
28:
2758:
2733:
2697:
2625:
2538:
2533:
2177:
1969:
1879:
1583:
304:
2497:
2492:
2182:
2167:
2157:
2152:
2084:
2059:
2054:
2049:
1994:
1449:
1100:
230:
2839:
2620:
2079:
2038:
2034:
2030:
1229:
225:
reported on poor security practices at OPM contractors that at least one worker with
1089:
Exclusive: Malware broker behind U.S. hacks is now teaching computer skills in China
2564:
2518:
2318:
2282:
2137:
2127:
2020:
2015:
2010:
1884:
1700:
1629:
221:
118:
152:, however, does not use the OPM system; therefore, it may not have been affected.
475:"Hacks of OPM databases compromised 22.1 million people, federal authorities say"
2800:
2790:
2738:
2646:
2590:
2502:
2451:
2312:
2142:
1869:
1500:
359:
24:
1329:
Hacks of OPM databases compromised 22.1 million people, federal authorities say
1212:
Too Much Information: A transcript of the weekend's program on FOX News Channel
59:
breaches of government data in U.S. history, information that was obtained and
2743:
2728:
2656:
2446:
2396:
2300:
2252:
2228:
2216:
2074:
1999:
1989:
1979:
1964:
1924:
1849:
1480:
1346:
China Is 'Leading Suspect' in OPM Hacks, Says Intelligence Chief James Clapper
866:"Surprise! House Oversight report blames OPM leadership for breach of records"
333:
969:
712:"A product demo revealed the 'biggest ever' government data breach - Fortune"
510:"The OPM hack explained: Bad security practices meet China's Captain America"
2774:
2651:
2615:
2605:
2477:
2294:
2044:
1974:
1914:
1475:
1311:"Office Of Personnel Management Still Vulnerable 3 Years After Massive Hack"
1282:
226:
366:
Speaking at a forum in Washington, D.C., Director of National Intelligence
250:
after he had flown to the U.S. for a conference. Yu spent 18 months at the
1186:"Katherine Archuleta, Director of Office of Personnel Management, Resigns"
1060:"Chinese national arrested for allegedly using malware linked to OPM hack"
2682:
2610:
2595:
2414:
2390:
2264:
2246:
2147:
2069:
1904:
1889:
1789:
1768:
1547:
1255:
320:
256:
1134:
Schmidt, Michael S.; Sanger, David E.; Perlroth, Nicole (10 July 2014).
958:"Hackers Took Fingerprints of 5.6 Million U.S. Workers, Government Says"
763:"Report: Hack of government employee records discovered by product demo"
448:"Estimate of Americans hit by government personnel data hack skyrockets"
2712:
2585:
2548:
2482:
2461:
2431:
2384:
2366:
2288:
2222:
2004:
1919:
1909:
1894:
1354:
564:"Massive Data Breach Puts 4 Million Federal Employees' Records At Risk"
452:
208:
2795:
2687:
2641:
2456:
2270:
2240:
2119:
2104:
1934:
1773:
1485:
31:(SF-86) U.S. government security clearance records retained by the
2420:
2360:
2330:
1639:
1278:"OPM's cybersecurity chief resigns in wake of massive data breach"
380:
2020 United States Treasury and Department of Commerce data breach
291:
security clearance information. In an interview later that month,
40:
1120:
Office of Personnel Management, Office of the Inspector General,
2692:
2487:
1731:
1358:
1013:"Encryption "would not have helped" at OPM, says DHS official"
905:"Breach of Employee Data Wider Than Initial Report, U.S. Says"
1122:
Semiannual Report to Congress: October 1, 2014โMarch 31, 2015
79:, the director of OPM, and the CIO, Donna Seymour, resigned.
944:
Union: Hackers have personnel data on every federal employee
815:"CyTech Services Confirms Assistance to OPM Breach Response"
738:"Why The OPM Breach Is Such a Security and Privacy Debacle"
684:"Hacking Linked to China Exposes Millions of U.S. Workers"
1671:
Hollywood Presbyterian Medical Center ransomware incident
1031:"U.S. government hacked; feds think China is the culprit"
991:"OPM hack's unprecedented haul: 1.1 million fingerprints"
790:"U.S. Spy Agencies Join Probe of Personnel-Records Theft"
16:
Cyberattack stealing 20 million federal personnel records
98:
had reported that the infiltration was discovered using
656:"OPM CIO Seymour resigns days before Oversight hearing"
1251:"Watchdog accuses OPM of hindering hack investigation"
592:
China's Hacking Spree Will Have a Decades-Long Fallout
535:"China Suspected in Theft of Federal Employee Records"
144:
The data breach compromised highly sensitive 127-page
2783:
2767:
2721:
2665:
2634:
2578:
2557:
2511:
2470:
2439:
2430:
2201:
2118:
1948:
1848:
1808:
1782:
1724:
1658:
1617:
1571:
1535:
1509:
1463:
1426:
1419:
920:
918:
94:With regards to the second breach, named "X2", the
788:Damian Paletta And Siobhan Hughes (10 June 2015).
626:House Committee on Oversight and Government Reform
446:Zengerle, Patricia; Cassella, Megan (2015-07-09).
1136:"Chinese Hackers Pursue Key Data on U.S. Workers"
1083:
1081:
1079:
1077:
1075:
1073:
441:
439:
1711:Russian interference in the 2016 U.S. elections
1226:"OPM breach a failure on encryption, detection"
100:United States Computer Emergency Readiness Team
911:. June 12, 2015 – via www.bloomberg.com.
736:Kim Zetter and Andy Greenberg (11 June 2015).
706:
704:
1370:
8:
2866:United States Office of Personnel Management
884:
882:
503:
501:
499:
497:
495:
33:United States Office of Personnel Management
1681:Democratic National Committee cyber attacks
938:
936:
162:American Federation of Government Employees
2436:
1625:Office of Personnel Management data breach
1423:
1377:
1363:
1355:
1053:
1051:
677:
675:
199:. The attack originated in China, and the
106:intrusion-detection program. However, the
21:Office of Personnel Management data breach
1304:
1302:
1300:
1164:"Archuleta on attempted breach and USIS"
313:, deputy editorial page director of the
1087:Steve Stecklow & Alexandra Harney,
841:"Credit for discovering the OPM breach"
586:
584:
406:
140:Theft of security clearance information
1024:
1022:
243:denied responsibility for the attack.
187:Chinese espionage in the United States
617:Chaffetz, Jason (September 7, 2016).
557:
555:
412:
410:
7:
612:
610:
608:
606:
604:
213:U.S. Department of Homeland Security
87:The first breach, named "X1" by the
1676:Commission on Elections data breach
946:, Associated Press (June 11, 2015).
65:personally identifiable information
2871:Obama administration controversies
2846:Data breaches in the United States
1058:Devlin Barrett (August 24, 2017).
252:San Diego federal detention center
14:
2861:Cyberwarfare in the United States
1836:Jeff Bezos phone hacking incident
927:"The OPM Breach Is a Catastrophe"
248:Los Angeles International Airport
197:Jiangsu State Security Department
45:Jiangsu State Security Department
2409:Microarchitectural Data Sampling
1645:Ukrainian Power Grid Cyberattack
1553:Cyberterrorism attack of June 25
1184:Davis, Julie H. (10 July 2015).
682:Sanger, David E. (5 June 2015).
473:Nakashima, Ellen (9 July 2015).
1757:2017 Ukraine ransomware attacks
1594:2014 JPMorgan Chase data breach
989:Paglieri, Jose (10 July 2015).
956:Sanger, David E. (2015-09-23).
508:Fruhlinger, Josh (2020-02-12).
417:Barrett, Devlin (5 June 2015).
278:Office of the Inspector General
160:J. David Cox, president of the
89:Department of Homeland Security
1589:2014 celebrity nude photo leak
1091:, Reuters (December 24, 2019).
1:
1826:Bulgarian revenue agency hack
1604:Russian hacker password theft
1029:Liptak, Kevin (4 June 2015).
1960:Bangladesh Black Hat Hackers
1436:(publication of 2009 events)
562:Sanders, Sam (4 June 2015).
539:U.S. News & World Report
43:, widely believed to be the
1821:Baltimore ransomware attack
1348:, NBC News (June 25, 2015).
1224:Aaron Boyd (22 June 2015).
150:Central Intelligence Agency
2887:
2095:Tailored Access Operations
1742:WannaCry ransomware attack
1635:Ashley Madison data breach
1579:Anthem medical data breach
1496:PlayStation network outage
654:Boyd, Aaron (2017-08-08).
533:Risen, Tom (5 June 2015).
180:
53:Ministry of State Security
37:advanced persistent threat
1831:WhatsApp snooping scandal
1696:Indian Bank data breaches
1390:
156:Theft of personal details
2373:Speculative Store Bypass
1940:Ukrainian Cyber Alliance
1737:2017 Macron e-mail leaks
326:Journal Editorial Report
1747:Westminster data breach
1666:Bangladesh Bank robbery
1609:2014 Yahoo! data breach
1599:2014 Sony Pictures hack
1558:2013 Yahoo! data breach
1543:South Korea cyberattack
1445:Operation Olympic Games
1440:Australian cyberattacks
69:Social Security numbers
63:in the breach included
2090:Syrian Electronic Army
1800:SingHealth data breach
1563:Singapore cyberattacks
1501:RSA SecurID compromise
47:, a subsidiary of the
2856:Cyberwarfare by China
2379:Lazy FP state restore
2163:Kristoffer von Hassel
1816:Sri Lanka cyberattack
1686:Vietnam Airport Hacks
1527:Operation High Roller
635:on September 21, 2018
385:Cyberwarfare by China
284:A July 2014 story in
183:Cyberwarfare by China
181:Further information:
168:Theft of fingerprints
2325:Silent Bob is Silent
1385:Hacking in the 2010s
1333:The Washington Post.
598:(February 11, 2020).
395:Yahoo! data breaches
2259:SS7 vulnerabilities
1795:Atlanta cyberattack
1764:Equifax data breach
1522:Stratfor email leak
1471:Canadian government
1450:Operation ShadowNet
1344:Julianne Pepitone,
479:The Washington Post
423:Wall Street Journal
316:Wall Street Journal
293:Katherine Archuleta
195:, specifically the
108:Wall Street Journal
77:Katherine Archuleta
49:Government of China
2708:Petya and NotPetya
2337:ROCA vulnerability
2100:The Shadow Brokers
2026:Iranian Cyber Army
1952:persistent threats
1752:Petya and NotPetya
1716:2016 Bitfinex hack
1691:DCCC cyber attacks
1650:SWIFT banking hack
1191:The New York Times
1141:The New York Times
962:The New York Times
868:. 7 September 2016
590:Garrett M. Graff,
287:The New York Times
255:School in central
217:social engineering
193:Chinese government
128:Manassas, Virginia
2833:
2832:
2829:
2828:
2821:ZeroAccess botnet
2133:Mustafa Al-Bassam
1900:New World Hackers
1863:associated events
1844:
1843:
1640:VTech data breach
1491:Operation AntiSec
1455:Operation Payback
1414:
1413:
1162:Jackson, George.
1011:Gallagher, Sean.
925:Auerbach, David.
235:Chinese passports
2878:
2437:
2110:Yemen Cyber Army
1434:Operation Aurora
1424:
1393:
1392:
1379:
1372:
1365:
1356:
1349:
1342:
1336:
1325:
1319:
1318:
1306:
1295:
1294:
1292:
1290:
1274:
1268:
1267:
1265:
1263:
1247:
1241:
1240:
1238:
1236:
1221:
1215:
1214:(July 12, 2015).
1209:
1203:
1202:
1200:
1198:
1181:
1175:
1174:
1172:
1170:
1159:
1153:
1152:
1150:
1148:
1131:
1125:
1118:
1112:
1111:(June 16, 2015).
1098:
1092:
1085:
1068:
1067:
1055:
1046:
1045:
1043:
1041:
1026:
1017:
1016:
1008:
1002:
1001:
999:
997:
986:
980:
979:
977:
976:
953:
947:
940:
931:
930:
922:
913:
912:
901:
895:
894:
886:
877:
876:
874:
873:
862:
856:
855:
853:
852:
837:
831:
830:
828:
826:
811:
805:
804:
802:
800:
785:
779:
778:
776:
774:
759:
753:
752:
750:
748:
733:
727:
726:
724:
722:
708:
699:
698:
696:
694:
679:
670:
669:
667:
666:
651:
645:
644:
642:
640:
634:
628:. Archived from
623:
614:
599:
588:
579:
578:
576:
574:
559:
550:
549:
547:
545:
530:
524:
523:
521:
520:
505:
490:
489:
487:
485:
470:
464:
463:
461:
460:
443:
434:
433:
431:
429:
414:
390:Operation Aurora
368:James R. Clapper
311:Daniel Henninger
146:Standard Form 86
29:Standard Form 86
2886:
2885:
2881:
2880:
2879:
2877:
2876:
2875:
2836:
2835:
2834:
2825:
2779:
2763:
2717:
2661:
2630:
2574:
2553:
2507:
2466:
2426:
2206:
2204:vulnerabilities
2197:
2114:
2007:(confederation)
1970:Charming Kitten
1951:
1944:
1880:Goatse Security
1840:
1804:
1778:
1769:Deloitte breach
1720:
1706:Dyn cyberattack
1654:
1613:
1584:Operation Tovar
1567:
1531:
1505:
1459:
1420:Major incidents
1415:
1386:
1383:
1353:
1352:
1343:
1339:
1326:
1322:
1308:
1307:
1298:
1288:
1286:
1276:
1275:
1271:
1261:
1259:
1249:
1248:
1244:
1234:
1232:
1223:
1222:
1218:
1210:
1206:
1196:
1194:
1183:
1182:
1178:
1168:
1166:
1161:
1160:
1156:
1146:
1144:
1133:
1132:
1128:
1119:
1115:
1099:
1095:
1086:
1071:
1064:Washington Post
1057:
1056:
1049:
1039:
1037:
1028:
1027:
1020:
1010:
1009:
1005:
995:
993:
988:
987:
983:
974:
972:
955:
954:
950:
941:
934:
924:
923:
916:
903:
902:
898:
888:
887:
880:
871:
869:
864:
863:
859:
850:
848:
839:
838:
834:
824:
822:
813:
812:
808:
798:
796:
787:
786:
782:
772:
770:
761:
760:
756:
746:
744:
735:
734:
730:
720:
718:
710:
709:
702:
692:
690:
681:
680:
673:
664:
662:
653:
652:
648:
638:
636:
632:
621:
616:
615:
602:
589:
582:
572:
570:
561:
560:
553:
543:
541:
532:
531:
527:
518:
516:
507:
506:
493:
483:
481:
472:
471:
467:
458:
456:
445:
444:
437:
427:
425:
416:
415:
408:
403:
376:
356:
343:
305:human resources
301:
274:
265:
189:
179:
170:
158:
142:
137:
85:
17:
12:
11:
5:
2884:
2882:
2874:
2873:
2868:
2863:
2858:
2853:
2848:
2838:
2837:
2831:
2830:
2827:
2826:
2824:
2823:
2818:
2813:
2808:
2803:
2798:
2793:
2787:
2785:
2781:
2780:
2778:
2777:
2771:
2769:
2765:
2764:
2762:
2761:
2756:
2751:
2746:
2741:
2736:
2731:
2725:
2723:
2719:
2718:
2716:
2715:
2710:
2705:
2700:
2695:
2690:
2685:
2680:
2675:
2669:
2667:
2663:
2662:
2660:
2659:
2654:
2649:
2644:
2638:
2636:
2632:
2631:
2629:
2628:
2623:
2618:
2613:
2608:
2603:
2598:
2593:
2591:Black Energy 3
2588:
2582:
2580:
2576:
2575:
2573:
2572:
2567:
2561:
2559:
2555:
2554:
2552:
2551:
2546:
2541:
2536:
2531:
2526:
2521:
2515:
2513:
2509:
2508:
2506:
2505:
2500:
2498:Metulji botnet
2495:
2490:
2485:
2480:
2474:
2472:
2468:
2467:
2465:
2464:
2459:
2454:
2452:Black Energy 2
2449:
2443:
2441:
2434:
2428:
2427:
2425:
2424:
2418:
2412:
2406:
2400:
2394:
2388:
2382:
2376:
2370:
2364:
2358:
2352:
2346:
2340:
2334:
2328:
2322:
2316:
2310:
2307:Broadcom Wi-Fi
2304:
2298:
2292:
2286:
2280:
2274:
2268:
2262:
2256:
2250:
2244:
2238:
2232:
2226:
2220:
2213:
2211:
2199:
2198:
2196:
2195:
2190:
2185:
2180:
2175:
2170:
2168:Junaid Hussain
2165:
2160:
2158:Jeremy Hammond
2155:
2153:Elliott Gunton
2150:
2145:
2140:
2135:
2130:
2124:
2122:
2116:
2115:
2113:
2112:
2107:
2102:
2097:
2092:
2087:
2085:Stealth Falcon
2082:
2077:
2072:
2067:
2062:
2060:PLA Unit 61486
2057:
2055:PLA Unit 61398
2052:
2050:Numbered Panda
2047:
2042:
2028:
2023:
2018:
2013:
2008:
2002:
1997:
1995:Equation Group
1992:
1987:
1982:
1977:
1972:
1967:
1962:
1956:
1954:
1946:
1945:
1943:
1942:
1937:
1932:
1927:
1922:
1917:
1912:
1907:
1902:
1897:
1892:
1887:
1882:
1877:
1872:
1867:
1866:
1865:
1854:
1852:
1846:
1845:
1842:
1841:
1839:
1838:
1833:
1828:
1823:
1818:
1812:
1810:
1806:
1805:
1803:
1802:
1797:
1792:
1786:
1784:
1780:
1779:
1777:
1776:
1771:
1766:
1761:
1760:
1759:
1749:
1744:
1739:
1734:
1728:
1726:
1722:
1721:
1719:
1718:
1713:
1708:
1703:
1698:
1693:
1688:
1683:
1678:
1673:
1668:
1662:
1660:
1656:
1655:
1653:
1652:
1647:
1642:
1637:
1632:
1627:
1621:
1619:
1615:
1614:
1612:
1611:
1606:
1601:
1596:
1591:
1586:
1581:
1575:
1573:
1569:
1568:
1566:
1565:
1560:
1555:
1550:
1545:
1539:
1537:
1533:
1532:
1530:
1529:
1524:
1519:
1513:
1511:
1507:
1506:
1504:
1503:
1498:
1493:
1488:
1486:HBGary Federal
1483:
1478:
1473:
1467:
1465:
1461:
1460:
1458:
1457:
1452:
1447:
1442:
1437:
1430:
1428:
1421:
1417:
1416:
1412:
1411:
1405:
1400:
1391:
1388:
1387:
1384:
1382:
1381:
1374:
1367:
1359:
1351:
1350:
1337:
1320:
1309:Mathews, Lee.
1296:
1269:
1242:
1216:
1204:
1176:
1154:
1126:
1113:
1101:David Auerbach
1093:
1069:
1047:
1018:
1003:
981:
948:
942:Ken Dilanian,
932:
914:
896:
878:
857:
832:
821:. 15 June 2015
806:
780:
769:. 11 June 2015
754:
728:
700:
688:New York Times
671:
646:
600:
580:
551:
525:
491:
465:
435:
405:
404:
402:
399:
398:
397:
392:
387:
382:
375:
372:
355:
352:
342:
339:
319:, speaking on
300:
299:Responsibility
297:
273:
270:
264:
261:
178:
175:
169:
166:
157:
154:
141:
138:
136:
133:
96:New York Times
84:
81:
15:
13:
10:
9:
6:
4:
3:
2:
2883:
2872:
2869:
2867:
2864:
2862:
2859:
2857:
2854:
2852:
2849:
2847:
2844:
2843:
2841:
2822:
2819:
2817:
2814:
2812:
2809:
2807:
2804:
2802:
2799:
2797:
2794:
2792:
2789:
2788:
2786:
2782:
2776:
2773:
2772:
2770:
2766:
2760:
2757:
2755:
2752:
2750:
2747:
2745:
2742:
2740:
2737:
2735:
2732:
2730:
2727:
2726:
2724:
2720:
2714:
2711:
2709:
2706:
2704:
2701:
2699:
2696:
2694:
2691:
2689:
2686:
2684:
2681:
2679:
2676:
2674:
2671:
2670:
2668:
2664:
2658:
2655:
2653:
2650:
2648:
2645:
2643:
2640:
2639:
2637:
2633:
2627:
2624:
2622:
2621:Gameover ZeuS
2619:
2617:
2614:
2612:
2609:
2607:
2604:
2602:
2599:
2597:
2594:
2592:
2589:
2587:
2584:
2583:
2581:
2577:
2571:
2568:
2566:
2563:
2562:
2560:
2556:
2550:
2547:
2545:
2542:
2540:
2537:
2535:
2532:
2530:
2527:
2525:
2522:
2520:
2517:
2516:
2514:
2510:
2504:
2501:
2499:
2496:
2494:
2491:
2489:
2486:
2484:
2481:
2479:
2476:
2475:
2473:
2469:
2463:
2460:
2458:
2455:
2453:
2450:
2448:
2445:
2444:
2442:
2438:
2435:
2433:
2429:
2422:
2419:
2416:
2413:
2410:
2407:
2404:
2401:
2398:
2395:
2392:
2389:
2386:
2383:
2380:
2377:
2374:
2371:
2368:
2365:
2362:
2359:
2356:
2353:
2350:
2347:
2344:
2341:
2338:
2335:
2332:
2329:
2326:
2323:
2320:
2317:
2314:
2311:
2308:
2305:
2302:
2299:
2296:
2293:
2290:
2287:
2284:
2281:
2278:
2275:
2272:
2269:
2266:
2263:
2260:
2257:
2254:
2251:
2248:
2245:
2242:
2239:
2236:
2233:
2230:
2227:
2224:
2221:
2218:
2215:
2214:
2212:
2210:
2205:
2200:
2194:
2191:
2189:
2186:
2184:
2181:
2179:
2176:
2174:
2171:
2169:
2166:
2164:
2161:
2159:
2156:
2154:
2151:
2149:
2146:
2144:
2141:
2139:
2136:
2134:
2131:
2129:
2126:
2125:
2123:
2121:
2117:
2111:
2108:
2106:
2103:
2101:
2098:
2096:
2093:
2091:
2088:
2086:
2083:
2081:
2080:Rocket Kitten
2078:
2076:
2073:
2071:
2068:
2066:
2063:
2061:
2058:
2056:
2053:
2051:
2048:
2046:
2043:
2040:
2036:
2032:
2031:Lazarus Group
2029:
2027:
2024:
2022:
2019:
2017:
2014:
2012:
2009:
2006:
2003:
2001:
1998:
1996:
1993:
1991:
1988:
1986:
1983:
1981:
1978:
1976:
1973:
1971:
1968:
1966:
1963:
1961:
1958:
1957:
1955:
1953:
1947:
1941:
1938:
1936:
1933:
1931:
1928:
1926:
1923:
1921:
1918:
1916:
1913:
1911:
1908:
1906:
1903:
1901:
1898:
1896:
1893:
1891:
1888:
1886:
1883:
1881:
1878:
1876:
1873:
1871:
1868:
1864:
1861:
1860:
1859:
1856:
1855:
1853:
1851:
1847:
1837:
1834:
1832:
1829:
1827:
1824:
1822:
1819:
1817:
1814:
1813:
1811:
1807:
1801:
1798:
1796:
1793:
1791:
1788:
1787:
1785:
1781:
1775:
1774:Disqus breach
1772:
1770:
1767:
1765:
1762:
1758:
1755:
1754:
1753:
1750:
1748:
1745:
1743:
1740:
1738:
1735:
1733:
1730:
1729:
1727:
1723:
1717:
1714:
1712:
1709:
1707:
1704:
1702:
1699:
1697:
1694:
1692:
1689:
1687:
1684:
1682:
1679:
1677:
1674:
1672:
1669:
1667:
1664:
1663:
1661:
1657:
1651:
1648:
1646:
1643:
1641:
1638:
1636:
1633:
1631:
1628:
1626:
1623:
1622:
1620:
1616:
1610:
1607:
1605:
1602:
1600:
1597:
1595:
1592:
1590:
1587:
1585:
1582:
1580:
1577:
1576:
1574:
1570:
1564:
1561:
1559:
1556:
1554:
1551:
1549:
1548:Snapchat hack
1546:
1544:
1541:
1540:
1538:
1534:
1528:
1525:
1523:
1520:
1518:
1517:LinkedIn hack
1515:
1514:
1512:
1508:
1502:
1499:
1497:
1494:
1492:
1489:
1487:
1484:
1482:
1479:
1477:
1474:
1472:
1469:
1468:
1466:
1462:
1456:
1453:
1451:
1448:
1446:
1443:
1441:
1438:
1435:
1432:
1431:
1429:
1425:
1422:
1418:
1410: →
1409:
1406:
1404:
1401:
1399:
1396:←
1395:
1394:
1389:
1380:
1375:
1373:
1368:
1366:
1361:
1360:
1357:
1347:
1341:
1338:
1335:July 9, 2015.
1334:
1330:
1324:
1321:
1316:
1312:
1305:
1303:
1301:
1297:
1285:
1284:
1279:
1273:
1270:
1258:
1257:
1252:
1246:
1243:
1231:
1230:Federal Times
1227:
1220:
1217:
1213:
1208:
1205:
1193:
1192:
1187:
1180:
1177:
1165:
1158:
1155:
1143:
1142:
1137:
1130:
1127:
1123:
1117:
1114:
1110:
1106:
1102:
1097:
1094:
1090:
1084:
1082:
1080:
1078:
1076:
1074:
1070:
1065:
1061:
1054:
1052:
1048:
1036:
1032:
1025:
1023:
1019:
1014:
1007:
1004:
992:
985:
982:
971:
967:
963:
959:
952:
949:
945:
939:
937:
933:
928:
921:
919:
915:
910:
909:Bloomberg.com
906:
900:
897:
892:
889:Mike Levine.
885:
883:
879:
867:
861:
858:
847:. 27 May 2016
846:
842:
836:
833:
820:
816:
810:
807:
795:
791:
784:
781:
768:
764:
758:
755:
743:
739:
732:
729:
717:
713:
707:
705:
701:
689:
685:
678:
676:
672:
661:
660:Federal Times
657:
650:
647:
631:
627:
620:
613:
611:
609:
607:
605:
601:
597:
593:
587:
585:
581:
569:
565:
558:
556:
552:
540:
536:
529:
526:
515:
511:
504:
502:
500:
498:
496:
492:
480:
476:
469:
466:
455:
454:
449:
442:
440:
436:
424:
420:
413:
411:
407:
400:
396:
393:
391:
388:
386:
383:
381:
378:
377:
373:
371:
369:
364:
361:
358:FBI Director
353:
351:
347:
341:Investigation
340:
338:
335:
330:
328:
327:
322:
318:
317:
312:
308:
306:
298:
296:
294:
289:
288:
282:
279:
271:
269:
262:
260:
258:
253:
249:
244:
242:
238:
236:
232:
228:
224:
223:
218:
214:
210:
205:
202:
198:
194:
188:
184:
176:
174:
167:
165:
163:
155:
153:
151:
147:
139:
134:
132:
129:
125:
121:
120:
115:
114:
109:
105:
102:(US-CERT)'s
101:
97:
92:
90:
82:
80:
78:
72:
70:
66:
62:
56:
54:
50:
46:
42:
38:
34:
30:
26:
22:
2851:Cyberattacks
2565:CryptoLocker
2319:DoublePulsar
2138:Cyber Anakin
2128:Ryan Ackroyd
2021:Helix Kitten
2016:Hacking Team
2011:Guccifer 2.0
1885:Lizard Squad
1701:Surkov leaks
1630:Hacking Team
1624:
1340:
1332:
1323:
1314:
1287:. Retrieved
1281:
1272:
1260:. Retrieved
1254:
1245:
1233:. Retrieved
1219:
1207:
1195:. Retrieved
1189:
1179:
1167:. Retrieved
1157:
1145:. Retrieved
1139:
1129:
1116:
1108:
1096:
1063:
1038:. Retrieved
1034:
1006:
994:. Retrieved
984:
973:. Retrieved
961:
951:
908:
899:
870:. Retrieved
860:
849:. Retrieved
844:
835:
823:. Retrieved
818:
809:
797:. Retrieved
793:
783:
771:. Retrieved
767:Ars Technica
766:
757:
745:. Retrieved
741:
731:
719:. Retrieved
715:
691:. Retrieved
687:
663:. Retrieved
659:
649:
637:. Retrieved
630:the original
625:
595:
571:. Retrieved
567:
542:. Retrieved
538:
528:
517:. Retrieved
513:
482:. Retrieved
478:
468:
457:. Retrieved
451:
426:. Retrieved
422:
365:
357:
348:
344:
331:
324:
314:
309:
302:
285:
283:
275:
266:
245:
239:
222:Ars Technica
220:
206:
190:
177:Perpetrators
171:
159:
143:
123:
119:Ars Technica
117:
111:
107:
95:
93:
86:
73:
57:
55:spy agency.
20:
18:
2801:NetTraveler
2739:LogicLocker
2647:Hidden Tear
2544:Red October
2403:Dragonblood
2313:EternalBlue
2277:Stagefright
2143:George Hotz
2120:Individuals
1870:CyberBerkut
1289:23 February
1235:17 November
360:James Comey
227:root access
61:exfiltrated
25:data breach
23:was a 2015
2840:Categories
2744:Rensenware
2729:BrickerBot
2657:TeslaCrypt
2447:Bad Rabbit
2397:Foreshadow
2301:Cloudbleed
2253:Row hammer
2235:Shellshock
2229:Heartbleed
2217:Evercookie
2193:The Jester
2075:Red Apollo
2035:BlueNorOff
2005:GOSSIPGIRL
2000:Fancy Bear
1990:Elfin Team
1985:DarkMatter
1980:Dark Basin
1965:Bureau 121
1925:Teamp0ison
1850:Hacktivism
1481:DNSChanger
975:2015-09-23
872:2016-09-17
851:2016-09-17
665:2017-12-04
639:October 4,
519:2023-05-29
514:CSO Online
459:2015-07-09
401:References
334:encryption
135:Data theft
27:targeting
2775:VPNFilter
2652:Rombertik
2616:FinFisher
2606:DarkHotel
2570:DarkSeoul
2478:Coreflood
2343:BlueBorne
2295:Dirty COW
2209:disclosed
2207:publicly
2045:NSO Group
1975:Cozy Bear
1915:PayPal 14
1858:Anonymous
1732:SHAttered
1476:DigiNotar
1283:USA Today
970:0362-4331
354:Reactions
229:to every
83:Discovery
39:based in
2816:Titanium
2759:XafeCopy
2754:WannaCry
2683:KeRanger
2611:Duqu 2.0
2596:Carbanak
2415:BlueKeep
2391:SigSpoof
2349:Meltdown
2265:WinShock
2247:Rootpipe
2148:Guccifer
2070:Pranknet
2065:PLATINUM
2039:AndAriel
1950:Advanced
1905:NullCrew
1890:LulzRaft
1790:Trustico
1403:Timeline
1262:8 August
1256:Fox News
845:POLITICO
374:See also
321:Fox News
272:Warnings
257:Shanghai
201:backdoor
104:Einstein
67:such as
2713:X-Agent
2703:Pegasus
2586:Brambul
2549:Shamoon
2493:Kelihos
2483:Alureon
2462:Stuxnet
2432:Malware
2385:TLBleed
2367:Exactis
2355:Spectre
2289:Badlock
2223:iSeeYou
2188:Topiary
1920:RedHack
1910:OurMine
1895:LulzSec
1197:10 July
1169:29 June
1147:29 June
996:11 July
825:10 July
799:10 July
773:10 July
747:10 July
721:10 July
716:Fortune
484:19 July
453:Reuters
209:malware
124:Fortune
2796:Joanap
2749:Triton
2688:Necurs
2678:Jigsaw
2673:Hitler
2642:Dridex
2601:Careto
2524:Dexter
2457:SpyEye
2423:(2019)
2417:(2019)
2411:(2019)
2405:(2019)
2399:(2018)
2393:(2018)
2387:(2018)
2381:(2018)
2375:(2018)
2369:(2018)
2363:(2018)
2357:(2018)
2351:(2018)
2345:(2017)
2339:(2017)
2333:(2017)
2327:(2017)
2321:(2017)
2315:(2017)
2309:(2017)
2303:(2017)
2297:(2016)
2291:(2016)
2285:(2016)
2279:(2015)
2273:(2015)
2271:JASBUG
2267:(2014)
2261:(2014)
2255:(2014)
2249:(2014)
2243:(2014)
2241:POODLE
2237:(2014)
2231:(2014)
2225:(2013)
2219:(2010)
2202:Major
2183:Track2
2105:xDedic
1935:UGNazi
1315:Forbes
1040:5 June
968:
693:5 June
573:5 June
544:5 June
428:5 June
263:Motive
122:, and
2811:Tinba
2698:Mirai
2626:Regin
2539:Mahdi
2534:Flame
2519:Carna
2503:Stars
2421:Kr00k
2361:EFAIL
2331:KRACK
2283:DROWN
1408:2020s
1398:2000s
1109:Slate
819:PRWeb
742:Wired
633:(PDF)
622:(PDF)
596:Wired
241:China
113:Wired
41:China
2806:R2D2
2791:Grum
2784:2019
2768:2018
2734:Kirk
2722:2017
2693:MEMZ
2666:2016
2635:2015
2579:2014
2558:2013
2512:2012
2488:Duqu
2471:2011
2440:2010
2178:Sabu
1930:TDO
1875:GNAA
1809:2019
1783:2018
1725:2017
1659:2016
1618:2015
1572:2014
1536:2013
1510:2012
1464:2011
1427:2010
1291:2016
1264:2015
1237:2015
1199:2015
1171:2015
1149:2015
1042:2015
998:2015
966:ISSN
827:2015
801:2015
775:2015
749:2015
723:2015
695:2015
641:2019
575:2015
546:2015
486:2020
430:2015
185:and
19:The
2529:FBI
2173:MLT
2037:) (
1331:".
1035:CNN
794:WSJ
568:NPR
231:row
51:'s
2842::
1313:.
1299:^
1280:.
1253:.
1228:.
1188:.
1138:.
1107:,
1103:,
1072:^
1062:.
1050:^
1033:.
1021:^
964:.
960:.
935:^
917:^
907:.
881:^
843:.
817:.
792:.
765:.
740:.
714:.
703:^
686:.
674:^
658:.
624:.
603:^
594:,
583:^
566:.
554:^
537:.
512:.
494:^
477:.
450:.
438:^
421:.
409:^
323:'
211:.
116:,
110:,
2041:)
2033:(
1378:e
1371:t
1364:v
1327:"
1317:.
1293:.
1266:.
1239:.
1201:.
1173:.
1151:.
1124:.
1066:.
1044:.
1015:.
1000:.
978:.
929:.
893:.
875:.
854:.
829:.
803:.
777:.
751:.
725:.
697:.
668:.
643:.
577:.
548:.
522:.
488:.
462:.
432:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.