Report: Chinese hacked security contractor

Chinese hackers roamed around unnoticed for months inside the networks of U.S. Investigations Services (USIS), the government’s main security clearance contractor, according to an Associated Press report.  

Lawmakers have been pushing for answers about the breach, which exposed the records of at least 25,000 Department of Homeland Security (DHS) employees. USIS said in August that the incident had “all the markings of a state-sponsored attack.”

Characteristics of the intrusion mirrored a previous breach at the Office of Personnel Management (OPM) in March, when Chinese hackers went after the files on tens of thousands of employees with top-secret clearances.


After the USIS breach was made public in August, the OPM said it would not renew its contracts with the company, worth roughly $320 million. USIS later laid off its 2,500 investigators.

The security checking company had already been a focal point of controversy. 

In January, the Department of Justice alleged it took shortcuts on 40 percent of its background checks, roughly 665,000 in total. USIS blamed any malfeasance on "a small number of employees," and pointed to changed leadership and enhanced oversight in response to the allegations.

Regardless, the company received a contract over the summer with the U.S. Citizenship and Immigration Services worth up to $190 million dollars, outraging lawmakers. The Government Accountability Office later ruled the government should reconsider the contract.  

After the recent breach, the chairman and ranking member of the Senate Homeland Security and Governmental Affairs Committee pressed the DHS for details about USIS’s compromised records.

The incident “raises many questions about the safeguards contractors are taking to protect against cyber intrusions, as well as the oversight provided by the contracting agency,” said Sens. Tom CarperThomas (Tom) Richard CarperOvernight Energy: EPA watchdog finds Pruitt spent 4K on 'excessive' travel | Agency defends Pruitt expenses | Lawmakers push EPA to recover money | Inslee proposes spending T for green jobs Lawmakers take EPA head to task for refusing to demand Pruitt repay travel expenses Dems request investigation of lobbyist-turned-EPA employee who met with former boss MORE (D-Del.) and Tom CoburnThomas (Tom) Allen CoburnThe Hill's Morning Report — Presented by PhRMA — Worries grow about political violence as midterms approach President Trump’s war on federal waste American patients face too many hurdles in regard to health-care access MORE (R-Okla.).

The two requested answers by Oct. 16. Neither office immediately responded to questions about what information they had received.

Carper is behind a bill that would set stricter guidelines for government agency information security policies.

The FBI has not officially confirmed the AP report, only acknowledging “there is some attribution” without specifying exactly who was responsible.

This story was updated at 8:02 p.m.