WASHINGTON (Reuters) - A company that performs background checks for the U.S. Department of Homeland Security said on Wednesday it was the victim of a cyber attack, adding in a statement that “it has all the markings of a state-sponsored attack.”
The computer breach at Falls Church, Virginia-based US Investigations Services (USIS) probably involved the theft of personal information about DHS employees, according to the Washington Post, which first reported the story.
DHS said it had suspended all work with the company amid an investigation by the FBI. A “multi-agency cyber response team is working with the company to identify the scope of the intrusion,” DHS spokesman Peter Boogaard said in a statement.
“At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity,” he said, adding that employees whose data had likely been compromised would be informed.
The Office of Personnel Management had also suspended work with USIS, the Post said, adding that government officials do not believe the breach has affected non-DHS employees.
"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website. (here)
“We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack,” it said.
“Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack,” the company said.
USIS says it is the biggest commercial provider of background investigations to the federal government, has over 5,700 employees and provides services in all U.S. states and territories, as well as abroad.
Reporting by Eric Walsh; Editing by Eric Beech