Reports tie together Anthem and OPM data breaches

As previously reported, the same Chinese perpetrators might have carried out both the Anthem data breach and Office of Personnel Management (OPM) breaches, according to a Reuters report.

The hackers in both breaches appear to have used a “rare tool,” known as Sakula, to take remote control of computers. Only Chinese hacking teams have previously used the tool, Reuters stated.

Hackers in both organizations' breaches used malicious software signed by certificates stolen from DTOPTOOLZ Co, a Korean software company. The company maintained it had no part in the breaches.

All the incidents also led victims to phony websites resembling legitimate ones. For instance, the attackers registered OPMLearning.org to trick employees into turning over their names and passwords.

President Barack Obama has yet to attribute the OPM breaches to China.

Meanwhile, OPM Director Katherine Archuleta is scheduled to appear before a Senate panel Thursday morning.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS