On June 4, OPM announced that records on more than 4 million current and former federal employees had been exfiltrated in a breach traced back to December 2014. The agency first noticed malicious activity on its servers in April after installing more robust security tools and discovered in May that sensitive personal information had been stolen.
The breach could extend further, however, as the same threat signature was detected attempting to access other federal networks.
Another official said the signature had been identified elsewhere; however, no other successful breaches have been attributed to this attack at this time.
An official at the Interior Department, which manages the shared service data center that houses OPM's servers, said the investigation is ongoing but, as of yet, the breach seems to be contained to OPM.
"There is currently no evidence that data from other customers was exfiltrated," the official said.
"The Department of the Interior is working closely with OPM, the Department of Homeland Security and the FBI as they investigate this cybersecurity incident potentially affecting personnel data," an agency spokesperson said. "Interior is employing a comprehensive, multi-pronged remediation strategy to prevent, detect and act against malicious activity on our network in order to respond and recover following an incident."
Interior representatives declined to comment further, citing the ongoing investigation.
Aaron Boyd is an award-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.