The recent OPM hack that resulted in personal data on millions of federal workers being nabbed has been linked to the Anthem breach that happened earlier this year, at least according to sources who claim to have knowledge of the matter. The OPM breach, which has been pegged as originating from China, is said to have been carried out by hackers who have a different mission than the Chinese military hackers allegedly behind cyberattacks on US companies and organizations.
The information comes from Reuters, which cites “people familiar with the matter” as stating the Chinese hacking group appears to have counter-intelligence purposes rather than being a military operation. The OPM hackers are said to have used a tool called Sakula to gain remote control of machines, the same tool that was used in the Anthem insurance breach.
Both breaches were said to have been pulled off using software signed with a certificate swiped from DTOPTOOLZ, according to sources. Furthermore, the aforementioned Anthem hack was reportedly done by a hacking collective tied to the Chinese Ministry of State Security. The sources claim this group is responsible for the Anthem breach, OPM hack, and other cyberattacks.
It isn’t clear how many individuals are part of this hacking collective, nor how many companies and entities it has targeted and successfully breached. The US government has not commented on the information or formally accused China of the OPM breach at this point.