A company contracted to perform background checks for the US Department of Homeland Security said it had been a subject of a most likely state-sponsored cyber-attack.
According to the Washington Post, the attackers managed to steal personal information about Department of Homeland Security’s (DHS) employees from systems of Virginia-based US Investigations Services.
The breach is being investigated by the FBI while DHS has suspended all cooperation with the contractor.
A "multi-agency cyber response team is working with the company to identify the scope of the intrusion," DHS spokesman Peter Boogaard said in a statement.
"At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity," he said, adding that employees whose data had likely been compromised would be informed.
The Office of Personnel Management (OPM) had also suspended work with USIS, the Washington Post reported, adding that government officials do not believe the breach has affected non-DHS employees.
"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website.
"We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack," it said.
"Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack," the company said.
USIS, with its 5,700 employees, is the biggest commercial provider of background investigations to the US federal government and provides services in all US states and territories, as well as abroad.