A new report claims that the same China-backed hacking group responsible for the attacks on United Airlines Inc....
and Anthem Health Services could be responsible for the massive federal data breach of the U.S. Office of Personnel Management (OPM).
According to a report by Bloomberg Business, unnamed sources said United Airlines systems were breached in May or early June. Three of the people familiar with the breach investigation said investigators found a link to the same Chinese hackers that were said to be behind the Anthem and OPM breaches.
The report claims that in addition to the health data from Anthem and personally identifiable data from OPM, the same group now has the travel information of millions of Americans, including government and military personnel.
The breach of United Airlines systems has not been announced, and while United did not directly deny that an attack occurred, it did deny that any data had been stolen.
"These reports are based on pure speculation and we can assure our customers that their personal information is secure," United said in a statement to TechTarget. "We remain vigilant in protecting against unauthorized access, and use top advisors and best practices on cybersecurity to maintain our effectiveness."
The U.S. Department of Homeland Security declined to comment on the investigation.
Jason Polancichfounder and chief architect at SurfWatch Labs Inc.
Jason Polancich, founder and chief architect at SurfWatch Labs Inc., said that even if investigators aren't collaborating, there should be enough evidence to prove that the same hackers are behind the attacks.
"If the United Airlines event has the same look and feel of past hacks, like Anthem and OPM, the law enforcement community should have forensic evidence from those events for comparison," Polancich said. "The Secret Service, FBI and contract investigators often collaborate and coordinate. If the forensic evidence from one looks like the evidence from another, conclusions start to get drawn."
However, Polancich said there is too much focus on the attribution of the attacks and not enough focus on how enterprises can keep their systems safe from similar breaches.
"Speculation that China is responsible for the United Airlines breach is interesting, but at this point, irrelevant," Polancich said. "Too many companies have a false sense of security, thinking it won't happen to them. Pair that with the fact that hacking tools are available to virtually everyone today via illicit trade on the Dark Web and in other places, and you've got a recipe for disaster. I'm sure this is a wake-up call to all airlines. To be most effective, cyber should intersect with physical and operational security, and so many companies aren't thinking that way. The value of intelligence is critically missing."
Learn more about the United Airlines bug bounty program