Chinese hackers worked their way into US government servers in March in an attempt to steal information on thousands of federal employees with top-secret clearance, The New York Times reported Wednesday, citing officials within the US government.
The hackers were able to access some databases containing employee information but were eventually thwarted, the officials said.
The incident, which is still being assessed, is the latest known attack in a cyberwar -- ongoing and barely below the surface -- between the US and China. Both countries have publicly complained against the other. China asserts that the US has broken into its servers to steal information; the US says the same about China. Several reports over the last few years suggest that Chinese hackers have targeted everything from US government servers to corporate data networks.
The US is also concerned about China-based companies possibly working with the Chinese government to spy. China-based telecom equipment makers Huawei and ZTE have been accused by US lawmakers of being puppets of the Chinese government and planning to use their technology to steal data. Those companies have argued against the accusation, but US lawmakers say they have legitimate national-security concerns and have warned American companies not to do business with the two firms.
Last month, the US Justice Department filed charges against five alleged Chinese military hackers. They are charged with hacking American corporations and stealing information. China has denied the allegations.
According to the Times' sources, the US Department of Homeland Security is analyzing the latest attack to determine the extent to which the hackers were able to access federal data. So far, investigators believe that no "personally identifiable information" was collected, the Times reported, though the investigation is ongoing. It's not clear whether the hackers were allegedly acting on behalf of Chinese government or on their own.
The data that could have been accessed would have been extremely valuable to international spies. According to the Times' sources, the hackers were after a federal system known as e-QIP, which has massive amounts of personal data on individuals with top-secret clearance. The Times' sources say the database contains everything from those individuals' financial information to the most sensitive personal information.
CNET has contacted the Department of Homeland Security for comment on the data breach. We will update this story when we have more information.