Chinese hackers have breached the Office of Personnel Management (OPM) and obtained the records of over 4 million present and present employees, officials said Thursday.

The agency, which handles government security clearances and federal employee records, detected the breach in April following the implementation of an “updated cyber security posture.”

OPM said in a statement that it would inform the approximately 4 million people affected that their data may have been comprised, and would continue to send out notifications if it is discovered that even more records had been accessed.

Of note, 1.5 million employees of OPM serve as uniformed military personnel.

It further added that it was doing everything it could to make sure it does not occur again:

Since the intrusion, OPM has instituted additional network security precautions, including: restricting remote access for network administrators and restricting network administration functions remotely; a review of all connections to ensure that only legitimate business connections have access to the internet; and deploying anti-malware software across the environment to protect and prevent the deployment or execution of tools that could compromise the network.

The target of the hack is said have been Social Security numbers and other personal identifying information, making in unclear whether the intent of the hackers was one of commercial gain or espionage.

The agency has offered current and former employees free credit monitoring for 18 months to make sure that their identities had not been stolen, and utilized in any nefarious manner.

State-sponsored hacking

Although not confirmed by OPM itself, The Washington Post reported that “U.S. officials, who spoke on the condition of anonymity, citing the ongoing investigation, identified the hackers as being state-sponsored.”

The Chinese Government is believed to have been behind previous attacks, including that of health insurance giant Anthem, Inc., and the hacking follows in the footsteps of the White House and State Department having their email systems being compromised in an attack that was attributed to Russian hackers.

The F.B.I. said separately that it was working with other agencies to investigate the matter, adding “We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.”

The hack is being called by experts as the biggest theft of Government data in history.

Image credit: azrainman/Flickr/CC by 2.0