WASHINGTON Nov 2 Data stolen in a massive
breach of the U.S. Office of Personnel Management has not shown
up on the black market, a sign that a foreign government
launched the attack, a researcher with U.S. cybersecurity firm
Fireeye Inc said on Monday.
No credible reporting shows the data on over 21 million
Americans was for sale, Richard Bejtlich, chief security
strategist at Fireeye said, noting that individual
hackers tend to quickly sell stolen data.
U.S. officials have linked the breach, which was disclosed
in June, to hackers in China, but have not formally identified
the source of the attack.
"Everything points to this being a nation-state attack,
Bejtlich said during a panel at a conference hosted by the
Defense One media outlet.
"It's not the same as when someone steals credit cards from
a major retailer and they're for sale in the black market within
day, and they're advertised as being fresh, and here are the
Bejtlich said China mounted a similar attack against
Taiwan's health care system in 2008, seizing health care
"Taiwan is the proving ground for everything else that
happens in the world that comes from China. So we've seen this
already," he said.
Jeff Coburn, who heads the major crimes unit of the Federal
Bureau of Investigation's Cyber Division, declined to comment
directly on the issue. But he said nation-state hackers
generally did not seek to make money from the data they
(Reporting by Andrea Shalal; Editing by Richard Chang)