An ongoing Department of Justice investigation has yet to find evidence that a recent fraud case used data stolen from a massive government breach, another confusing twist for more than 21 million federal employees who had their personal details hacked.
In 2015, the Office of Personnel Management was targeted by suspected Chinese hackers, who stole records of more than 21 million government workers. It was assumed that the Chinese government would simply hold onto the trove of information.
But in June, two people pled guilty to fraud and identity theft. During their illicit scheme, the pair apparently used stolen identities of federal workers in the OPM data breach. The case raised new questions about whether the stockpile of swiped data that included Social Security numbers, employment history and health records could be used in further fraud cases.
But in a July 9 letter to Sen. Mark Warner, D-Virginia, Justice Department officials said that an investigation has not determined if the July fraud case can “be sourced directly to the OPM data breach.”
“Because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another source,” the letter said, written by Assistant Attorney General Stephen Boyd.
The letter added that the original Justice Department statement “implied a premature conclusion,” that the source of the stolen identities in the June case “was from the OPM data breach.”
The Justice Department and Office of Personnel Management have been criticized by lawmakers for the “unacceptable” amount of details regarding the hack and fate of the federal employees’ information.
The Justice Department in its letter said it will continue to investigate the July case and links to the 2015 data breach.