A company that conducts background checks on behalf of the U.S. Department of Homeland Security is apparently the victim of a cyber attack.
The company says the intrusion "has all the markings of a state-sponsored attack."
US Investigations Services, LLC (USIS) is based in Falls Church, Va. and it reported the attack. In a statement, the company wrote, "Our internal IT security team recently identified an apparent external cyber attack on our corporate network. We immediately informed federal law enforcement, the Office of Personnel Management (OPM) and other relevant federal agencies."
The company determined through expert analysis and fact gathering that the attack most likely came from a foreign government. For the time being, the company has suspended its contract work with DHS and OPM until the matter is resolved.
At DHS, spokesman Peter Boogaard said in a statement, "At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to monitor their financial accounts for suspicious activity." DHS intends to inform individual employees if their information was accessed.
OPM will also suspend its activities with USIS while the FBI conducts its investigation. The attack is not believed to be related to an attack on OPM's databases in March. That particular incident was traced to China, and none of the hacked data was stolen since it was encrypted.
It is known that the Chinese military is waging a sophisticated cyber war on U.S. and other nations' military, government and industrial networks, although the Chinese government denies this, all while pointing to attacks on its networks by the U.S. and others.
According to U.S. government officials, over 100 foreign intelligence agencies have at one time or another tried to hack U.S. government and military networks.
USIS is the largest commercial provider of background investigations to the federal government. It has over 5,700 employees in all 50 states and U.S. territories and overseas. The company provides background checks, investigative analytics and biometric services. The company was founded in 1996, when the OPM decided to privatize its investigative branch. In this case, the spin-off of OPM functions into the private sector may have provided a serendipitous firewall between the hackers and OPM itself.
The company has been investigated for allegations that it has submitted incomplete background checks over the years. It is also known for conducting background checks on both Edward Snowden and Navy Yard shooter Aaron Alexis.