United Airlines ‘hacked’ by group likely responsible for OPM breach – report
The compromised data includes records of origins and destinations of United passengers’ flights as well as passenger manifests, Bloomberg reports, citing "several people familiar with the probe." This information could be used to augment China’s growing database on US defense and intelligence officials.
The hack was reportedly detected by United in May or early June. The breach potentially exposed the movements of millions of Americans to a China-based hacker group.
According to the report, the same group was implicated in the breach of the US Office of Personnel Management (OPM) in June, compromising the data of 21.5 million people. The breach was one of the most harmful cyber thefts in US history, and led to the resignation of OPM Director Katherine Archuleta.
The Congressional Research Service (CRS) released a new review of the OPM hack, detailing how cyber intelligence officers and their operations put covert intelligence officers at risk of being exposed, a big change in tone from the previous focus on breaches potentially leading to identity theft.
The CRS brief underscores widespread speculation that the “OPM data were taken for espionage rather than for criminal purposes” and stresses that the theft of sensitive employee information could go far beyond mere identity theft.
“A trove of data from breaches such as those at OPM can provide a number of avenues for criminals to exploit,” the report said. CRS warns that the compromised data might not even be used for less-serious cybercrime like identity theft, saying that “experts have been skeptical as to whether compromised information from the OPM breaches will even appear for sale in the online black market.”
CRS says the recent hacks have an even greater potential for damage “beyond mere theft of classified information.” The hackers could alter personnel files and even create fictitious ones. Some national security experts have compared the potential damage from the OPM hacks to Edward Snowden’s leaks of classified data from the National Security Agency, according to the Washington Post.
There have been media claims that the hacker group is backed by the Chinese state, but there have been no official accusations from the US government. CRS’s brief concluded that bringing criminal charges against the Chinese would be difficult, because “the OPM breach so far appears to be seen in the category of intelligence-gathering, rather than commercial espionage.”
The United Airlines hack is not believed to be directly related to network glitches in June and July that caused the airline to ground all flights. However, it appears that the hackers had access to United’s network for months, and one domain linked to the attack was set up in April 2014.