(Bloomberg) — The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health care companies.
Forensic evidence indicates that the group of hackers responsible for the U.S. government breach announced Thursday likely carried out attacks on health-insurance providers Anthem Inc. (NYSE:ANTM) and Premera Blue Cross that were reported earlier this year, said John Hultquist of iSight Partners Inc., a cyber-intelligence company that works with federal investigators.
The thefts are believed to be part of a larger effort by Chinese hackers to get health care records and other personal information on millions of U.S. government employees and contractors from various sources, including insurers, government agencies and federal contractors, said an American intelligence official, speaking on condition of anonymity.
In May, for example, CareFirst, one of the insurers that provides coverage for members of Congress and some of their aides through the DC Health Link exchange, reported that hackers had broken into its systems.
See also: Hackers breach D.C. insurer in latest attack on health company
The data could be used to target individuals with access to sensitive information who have financial, marital or other problems and might be subject to bribery, blackmail, entrapment and other traditional espionage tools, the official said.
“It is not only the scale that is of interest — 4 million employees — or even that the reason could be to use the information to recruit spies in America, but that people are now part of China-critical nodes in their cyber strategy,” said Rosita Dellios, an associate professor of international relations at Bond University on Australia’s Gold Coast.
See also: 5 recent data breaches
“Usually in cyber strategy, it is critical infrastructure like energy grids, transportation, and satellites that are mentioned. Here we have a whole class of people crucial to U.S. security being targeted,” she said.
The hackers, believed to have links to the Chinese government, got into the U.S. Office of Personnel Management (OPM) computer system late last year, according to one U.S. official, who asked for anonymity to discuss the investigation. The intrusion was detected in April and it took U.S. investigators a month to conclude that the files had been compromised. It was one of the largest breaches of government personnel data.
Indianapolis-based Anthem, which runs Blue Cross and Blue Shield health plans, said in February that hackers stole information on about 80 million customers, exposing Social Security numbers and other sensitive information. In March, Premera Blue Cross, a Spokane, Wash.-based company that operates in the Northwest, said information on 11 million people may have been exposed.
A spokesman for the Chinese Embassy in Washington, Zhu Haiquan, said his country’s laws prohibit cybercrimes and China works to combat violations.
“Cyber-attacks conducted across countries are hard to track and therefore the source of attacks is difficult to identify,” he said in an e-mailed statement. “Jumping to conclusions and making hypothetical accusation is not responsible and counterproductive.”
See also: Health insurers sail into cyber marshmallow zone
The revelations could complicate the agenda for Chinese President Xi Jinping’s first state visit to the U.S. in September. Ties between the two countries already are strained over American demands that China stop its island-building program in the South China Sea.