OPM hackers suspected in United Airlines breach

The same Chinese hackers who are accused of pilfering tens of millions of people’s data from health insurers and the federal government may have also hit United Airlines, Bloomberg reported.

If true, the data breach of the world’s second-largest airline would give Beijing officials detailed travel records on millions of Americans. The data would also help fill out the comprehensive database China is believed to be amassing on U.S. government workers.

United discovered a network intrusion sometime in May or June, several people briefed on the investigation told Bloomberg. Examiners traced the compromise to China-backed hackers who are believed to be behind several other notable data breaches in recent months, including those at health insurers Anthem and Premera and at the Office of Personnel Management (OPM).

All these hacks occurred on remarkably similar timeframes and share a number of technical similarities. While security experts have disputed whether one or multiple groups of Chinese cyber warriors are responsible for the incidents, nearly all agree that Chinese hackers with some government affiliations are responsible.

Government officials have also privately blamed Beijing for orchestrating the OPM hacks, which exposed over 22 million workers’ personnel files and exhaustively detailed security clearance check forms.

Intelligence and national security experts fear Chinese intelligence officials will now combine the purloined medical, financial and travel records with security clearance data to blackmail officials and recruit informants.

National Security Agency Director Adm. Michael Rogers addressed the concern during an interview last week at the Aspen Security Forum in Colorado.

The stolen OPM data, he said, “gives you great insight potentially used for counterintelligence purposes.”

“If I’m interested in trying to identify U.S. persons who may be in my country, and I am trying to figure out why they are there. Are they just tourists? Are they there for some other alternative purpose? There are interesting insights from the data you take from OPM.”

United Airlines travel logs would only make it easier to track exactly where and when these American citizens were travelling. The airline is a major government contractor, inking deals to carry military personnel and federal employees.

The potential United breach also raises questions about two separate incidents in which computer system outages caused the airline to ground flights for several hours, stranding thousands of fliers.

The airline and government officials have insisted there is no indication that malicious actors were behind the network glitch.

Those briefed on the United investigation told Bloomberg that the breach was not tied to the July 8 network outage, which occurred the same day the New York Stock Exchange went down for four hours due to a software update gone awry.

But they would not rule out a loose affiliation to the second incident on June 2, in which United’s check-in system went down, causing long lines and delays.

Such an attack is not without precedent. After Polish airline LOT recently suffered a similar network outage, executives acknowledged LOT had been hit by a digital assault from which the company said no airline was safe.

The reported United hack is likely to accelerate the already growing fears that airlines and the entire air traffic control system are sitting ducks for hackers.

The Federal Aviation Administration (FAA) has acknowledged that serious cybersecurity concerns plague the industry.

In February, the agency itself admitted that hackers had spread malicious software through its systems. A government watchdog report also warned that cyber saboteurs could potentially disrupt U.S. flight routes.

In response, the FAA in June convened a committee to develop a set of cybersecurity protections for the industry.