US Wonders Why Stolen Data on Federal Workers Not for Sale

The Obama administration is increasingly confident that China’s government, not criminal hackers, was responsible for the extraordinary theft of personal information about as many as 14 million current and former federal employees and others.
FILE - In this June 16, 2015 file photo, Office of Personnel Management (OPM) Director Katherine Archuleta pauses while testifying on Capitol Hill in Washington. AP Photo/Cliff Owen
The Associated Press

WASHINGTON—The Obama administration is increasingly confident that China’s communist regime, not criminal hackers, was responsible for the extraordinary theft of personal information about as many as 14 million current and former federal employees and others, The Associated Press has learned. One sign: None of the data has been credibly offered for sale on underground markets popular among professional identity thieves.

Investigators inside U.S. intelligence and law enforcement agencies, using secret “beacons” employed across the Internet, have been monitoring data transmissions across overseas networks for the file properties associated with the American personnel records, and scouring communications among targeted foreign hackers for credible references to the theft, two people directly involved in the investigation said. They spoke on condition of anonymity because parts of the case and techniques being used are classified.

Investigation

The investigation is being coordinated at the little-known National Cyber Investigative Joint Task Force, which is led by the FBI and includes 19 intelligence agencies and law enforcement, including the National Security Agency, CIA, Homeland Security Department, Secret Service, and U.S. Cyber Command.

Investigators also have watched underground markets where identity thieves peddle information and found no trace of the data stolen from the U.S. Office of Personnel Management, they said. In the chessboard world of espionage, they also acknowledged that revealing what they said was indirect evidence that spying was actually the motive might encourage Beijing’s authorities to sell at least some of the data surreptitiously to implicate identity thieves in what would be a counter-counterintelligence false-flag operation.

China has openly denied involvement in the break-in, and the United States has publicly provided no direct evidence proving China was responsible.

The cyberspies obtained detailed background information on millions of military, intelligence, and other personnel who have been investigated for security clearances.