The Chinese hackers who infiltrated the U.S. Office of Personnel Management and may have stolen information on every federal employee are not the same thieves who broke into Anthem health insurance, the cybersecurity firm FireEye reported. The group is based in China but works independently of Deep Panda, the military-backed group that hacked Anthem, according to the research firm.
FireEye has been monitoring the group since 2013 and has since learned that it trawls travel agencies and insurance companies for personally identifiable information (PII), FireEye told the tech news site Re/Code. Deep Panda is a Chinese People's Liberation Army group that has been blamed for a number of attacks on international governments, media organizations and national security agencies.
“We think this group uses similar back doors to Deep Panda to obtain access to a network, but then uses different tactics once they get access to the network,” Mike Oppenheim, an intelligence operations manager at FireEye, told Re/Code.
It's not clear if the group is operating with Beijing's support, FireEye said, or from exactly where it launched the hack from inside China's borders. The California-based cybersecurity company Crowdstrike was the first to pin blame on Deep Panda. It's common for cybersecurity companies to disagree with one another and the FBI about the origin of a state-sponsored hack because of the sophistication of the malicious software that's used.
The hack is just the latest in a series to target antiquated U.S. government Internet technology. At least 4 million people had their data stolen, the OPM said, including highly sensitive information on workers who applied for security clearances. A union president said last week there was evidence that information belonging to every federal employee had been taken.