Why Did China Hack Federal Employees' Data?

There’s still a great deal that hasn’t been explained about why and how the federal employee hack happened, and whose data was compromised. There are, however, some emerging answers to three key questions: Who did it, why, and how it happened.

Early on, the government fingered Chinese hackers in the leak. How did they do it, though? The government has a large, costly, sophisticated, and mostly secret system for protecting its data. But that system is, even according to the government, obsolete. It follows an old protocol of attempting to keep hackers outside, like a fence. Newer systems assume hackers will get through the outside defense and try to stop them once they’re inside. The US had been warned that it wasn’t ready in an inspector general’s report late in 2014. By the time the report landed, it was apparently too late, but many of the steps it recommended still haven’t been taken. Critics have also wryly noted that a huge incursion into sensitive employee information tends to undermine the government’s claims that its intelligence apparatus can protect huge amounts of personal information swept up in surveillance dragnets. As one former senior official said, “The mystery here is not how they got cleaned out by the Chinese. The mystery is what took the Chinese so long.”