SolarWinds Attack by Chinese hackers has been reported to have targeted a federal payroll agency after exploiting a vulnerability in the Solarwinds software.
The payroll agency is recognized to be the National Finance Center(NFC) as one of the impacted institutions, specifically within the United States Department of Agriculture(USDA). It reveals the risks that have put hundreds of government employees in jeopardy.
Data maintained by the National Finance Center apparently include federal employee phone numbers, social security numbers, private email IDs, as well as banking information. According to The National Finance Center website, the organization employs more than 160 varied agencies, delivering payroll facilities to more than 600,000 federal employees.
Initially, a spokesperson on behalf of the USDA had mentioned notifying all individuals and organizations who were victims of the Solarwinds Orion hack. However, no data breach was identified to have affected the NFC relating to Solar Winds.
Even though confirmations are yet to be communicated, speculations suspect that the tools utilized by the Chinese hackers have been formerly linked with government-supported cyber activities.
While the Chinese foreign ministry states the cyberattack as a “complex technical case”, the agency also proclaims the fact that China staunchly counters and disputes any form of cybercrimes or attacks. “It may lead to superfluous hacking accusations referencing specific evidence.” the agency states.
Observations seem to be pointing towards the fact that the suspected cyber hack is unlinked from the Russian threat actors who were perpetuating the Solar Winds software cyber attack. More than 17,000 international, domestic, as well as a considerable number of federal bureaus of the government, like the Department of Homeland Security (DHS), was undermined in the Russian attack.
Security researchers had, however, formerly speculated the potential of a second cyber attack invading the SolarWinds attack’ software but reports of the alleged Chinese cyberattack have come out in the past week.