Chinese hackers appear to have accessed sensitive data on US intelligence and military personnel, American officials say.
Details of a major hack emerged last week, but officials have now given details of a potential second breach.
It is feared that the attack could leave US security personnel or their families open to blackmail.
The Office of Personnel Management (OPM), is yet to comment on the reports.
Officials, who spoke on condition of anonymity to the Associated Press, believe the attackers have targeted the forms submitted by intelligence and military personnel for security clearances.
The document includes personal information – everything from eye color, to financial history, to past substance abuse, as well as contact details for the individual’s friends and relatives.
Photo Getty Images
A 127-page vetting document called Standard Form 86 may have been accessed. Among the questions potential employees are asked:
In the past seven years, have you defaulted on any loans?
Have you ever voluntarily sought counseling or treatment as a result of your use of alcohol?
In the last seven years, have you illegally used any drugs or controlled substance?
A White House statement said investigators had a “high degree of confidence” that background information on government employees had been accessed.
Joel Brenner, a former US counterintelligence official, called the data a “gold mine” for hackers.
It is also believed the breach of personal data of US government workers announced last week may be far larger than previously reported.
Initial estimates put the number of people potentially affected at four million, but officials close to the investigation told AP that as many as 14 million might be involved.
The US has said the hackers, thought to be behind both attacks, are believed to be based in China. Beijing called the claims “irresponsible”.
The Obama administration meanwhile announced further measures to beef up cybersecurity on June 12.
A White House statement said: “Recent events underscore the need to accelerate the administration’s cyber strategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure.”
Australian Foreign Minister Bob Carr says a report alleging Chinese hackers stole plans for Australia’s new intelligence hub will not hit ties with Beijing.
On Monday the Australian Broadcasting Corporation (ABC) reported blueprints setting out the building’s cable layouts and security systems had been illegally accessed by a server in China.
Bob Carr did not comment directly on the claims.
But he said the government was “very alive” to cyber security threats.
“I won’t comment on whether the Chinese have done what is being alleged or not,” he said.
“I won’t comment on matters of intelligence and security for the obvious reason: we don’t want to share with the world and potential aggressors what we know about what they might be doing, and how they might be doing it.”
Bob Carr said the ABC report had “no implications” for a strategic partnership.
“We have enormous areas of co-operation with China,” he said.
The claims were made in a report on Chinese cyber-espionage by ABC’s Four Corners investigative programme on Monday night.
Chinese hackers stole plans for Australia’s new intelligence hub
The programme alleged that blueprints to the new intelligence headquarters in Canberra – due to be finished last year but delayed – were stolen in a cyber attack on a contractor that was traced to a server in China.
The plans detailed communications cabling and server locations, floor plans and security systems, the programme alleged.
It quoted Professor Des Ball, an expert on cyber security from the Australian National University, as saying access to such details would enable an outside party to identify rooms used for sensitive activities and work out how to monitor them.
The programme also alleged that the Prime Minster’s Office, the Defence Ministry and the Department of Foreign Affairs had been breached in hacking operations.
Four Corners did not identify the source of its information.
Chinese Foreign Ministry spokesman Hong Lei rejected the claims, saying “groundless” accusations would not solve the problem of cyber hacking.
“Since it is technically untraceable, it is very difficult to find the source and identify the hacker,” he said.
“Therefore we have no idea what is the evidence for their report in which they make the claim with such certainty.”
Earlier this year, hackers from China – which is now Australia’s biggest trading partner – were thought to be behind an attack on the Reserve Bank of Australia, the Australian Financial Review reported.
The issue of cyber espionage looks set to be high on the agenda when the US and Chinese presidents hold their first summit in California next month.
Earlier this month, the Pentagon for the first time directly accused the Chinese government and military of targeting US government computers as part of a cyber espionage campaign aimed at collecting intelligence on US diplomatic, economic and defence sectors.
China called the report “groundless”, saying it represented “US distrust”.
Google Chairman Eric Schmidt called China an Internet menace that backs cyber-crime for economic and political gain in a new book, The New Digital Age, due for release in April.
The New Digital Age reportedly brands China “the world’s most active and enthusiastic filterer of information”.
China is “the most sophisticated and prolific” hacker of foreign companies, according to a review obtained by the Wall Street Journal (WSJ).
China denies allegations of hacking.
Beijing has been accused by several governments, foreign companies and organizations of carrying out extensive cyber espionage for many years, seeking to gather information and to control China’s image.
The New Digital Age analyses how China is dangerously exploiting an Internet that now permeates politics, business, culture and other aspects of life, the WSJ says.
It quotes the book as saying: “The disparity between American and Chinese firms and their tactics will put both the government and the companies of the United States at a distinct disadvantage.”
This, it says, is because Washington “will not take the same path of digital corporate espionage, as its laws are much stricter (and better enforced) and because illicit competition violates the American sense of fair play”.
Google Chairman Eric Schmidt called China an Internet menace that backs cyber-crime for economic and political gain in a new book, The New Digital Age, due for release in April
The book argues that Western governments could do more to follow China’s lead and develop stronger relationships between the state and technology companies.
States will benefit if they use software and technology made by trusted companies, it suggests.
“Where Huawei gains market share, the influence and reach of China grow as well,” the WSJ quoted the authors as writing.
The WSJ this week said its computer systems had been hacked by specialists in China who were trying to monitor its China coverage.
It was the second reported attack on a major US news outlet in days, as the New York Times reported earlier that Chinese hackers had “persistently” penetrated its systems for the last four months.
China’s foreign ministry dismissed the New York Times’ accusations as “groundless” and “totally irresponsible”.
Chinese hackers have “persistently” infiltrated the New York Times for the last four months, the US paper says.
The New York Times said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune.
The hackers used methods which have been “associated with the Chinese military” to target the emails of the report’s writer, the paper said.
China’s foreign ministry dismissed the accusations as “groundless”.
“To arbitrarily assert and to conclude without hard evidence that China participated in such hacking attacks is totally irresponsible,” said spokesman Hong Lei.
“China is also a victim of hacking attacks. Chinese laws clearly forbid hacking attacks, and we hope relevant parties takes a responsible attitude on this issue.”
According to the New York Times, the hackers first broke into their computer system in September, as the report on Wen Jiabao was nearing completion.
The report, which was dismissed as a “smear” by the Chinese government, said Wen Jiabao’s relatives had amassed assets worth at least $2.7 billion through business dealings. It did not accuse the Chinese premier of wrongdoing.
China is sensitive about reports on its leaders, particularly when it comes to their wealth.
The New York Times said the hacking was focused on the computers of David Barboza, the paper’s bureau chief in Shanghai who wrote the report, and one of his predecessors, Jim Yardley.
The New York Times said the attacks coincided with its report into claims that the family of Chinese Premier Wen Jiabao had amassed a multi-billion dollar fortune
Internet security firm Mandiant, which was hired by the Times to trace the attack, followed the hackers’ movements for four months, to try to establish a pattern and block them.
The hackers had installed malware which enabled them to access any computer using the New York Times network, steal the password of every employee, and access 53 personal computers, mostly outside the Times offices.
The security firm found that in an attempt to hide the origin of the attack, it had been routed through computers in US universities which, the paper said, “matches the subterfuge used in many other attacks that Mandiant has tracked to China”.
The Times said experts had found that the attacks “started from the same university computers used by the Chinese military to attack United States military contractors in the past”.
They found the hackers began working for the most part at 08:00 Beijing time.
Mandiant’s chief security officer, Richard Bejtlich, said that “if you look at each attack in isolation, you can’t say, <<This is the Chinese military>>,” but that the similar patterns and targets of the attacks indicated a connection.
“When you see the same group steal data on Chinese dissidents and Tibetan activists, then attack an aerospace company, it starts to push you in the right direction,” he said.
The paper said no personal data of staff or customers was stolen and that no attempt was made to shut down its website.
“They could have wreaked havoc on our systems,” said chief information officer Marc Frons. But he said what they appeared to be looking for were “the names of people who might have provided information to Mr. Barboza”.
There was also no evidence that sensitive emails or files on the Wen family had been accessed, or that the intruders had sought information unrelated to the Wen family, the paper said.