Two government agencies Wednesday said they limited operations with a
major government contractor that oversees hundreds of thousands of
security clearance background checks for civilian and military workers
after the contractor reported it had been targeted by a cyber-attack.
contractor, USIS, did not identify the suspected culprit but said in a
statement that the cyber-attack had "the markings of a state-sponsored
attack." An official with the Department of Homeland Security said the
intrusion may have compromised some of its employees' information.
once known as U.S. Investigations Services, Inc., has been under
criticism in Congress in recent months for its performance in conducting
background checks on National Security Agency leaker Edward Snowden and
on Aaron Alexis, a military contractor employee who killed 12 people
during shootings at the Navy Yard in September 2013.
contractors conduct background checks on more than two-thirds of the 4.9
million government workers with security clearances, and USIS handles
nearly half of that number. Many of those investigations are performed
under contracts with the Office of Personnel Management, the Department
of Homeland Security and the Defense Department.
spokeswoman said the agency was temporarily halting all of USIS's
background check fieldwork "out of an abundance of caution." The
spokeswoman, Jackie Koszczuk, said the hiatus will allow USIS to take
"necessary steps" to protect its systems.
OPM's own computers were
reportedly penetrated earlier this year by Chinese hackers, according
to a New York Times account. The agency's databases were breached in
March before the threat was detected and blocked, the Times reported in
A DHS spokesman said it had issued "stop-work orders halting
the provision of additional sensitive information" to USIS until the
agency was confident that the firm could protect that material. The
spokesman, Peter Boogard, said the FBI had begun an investigation into
the matter. Boogard said the agency was separately working to identify
the scope of the breaches and where they occurred.
The firm said
in a statement on its website that it was working with law enforcement
and had retained "an independent forensics investigative law firm to
determine the precise nature and extent of any unlawful entry into our