June 25, 2015 By Michael Heller (c) TechTarget

The OPM director told a Senate hearing that passwords stolen from a contractor led to the OPM breach. Now, her job is on the line and the number of breached records could be on the rise.

OPM director Katherine Archuleta spoke at a hearing with the Senate on Tuesday and the House Oversight and Government Reform Committee on Wednesday. Archuleta said stolen passwords for a federal contractor were used by hackers in the two cyberattacks targeting federal employee data. Archuleta has also gone on record noting how long the breached systems were “neglected.”

Idan Tendler, head of Fortscale and a former agent of the 8200, Israel’s cyberwarfare specialist group, said the use of stolen credentials in this attack should not surprise anyone.

“It’s really no surprise that the OPM breach was traced back to a compromised credential as this is the case in nearly 80% of the breaches we have seen, including Target and Anthem,” Tendler said. “Compromised users continue to create great challenges for security teams. With legitimate access, it is difficult to detect whether an employee’s actions are actually being perpetrated by that employee or by an outside source.”

InCyber Comments:

Since stolen User (Employee or Contractor) Password was the cause of the OPM breach, it could have been prevented by the InCyber PAS (Pro-Active System). The InCyber PAS monitors online User Behavioral patterns. Any change in the normal behavior is investigated via an Intelligent Escalation Black Box (EBB) TM, to offer the highest accuracy of prediction. For additional information on the InCyber PAS write to: info@incyber.co

The complete article is available at: http://searchsecurity.techtarget.com/news/4500248794/Stolen-passwords-to-blame-for-OPM-breach-director-may-take-the-fall