A company that performs background checks for the U.S. Department of Homeland Security confirmed this week that it was the victim of a cyber-attack, saying in a statement that "it has all the markings of a state-sponsored attack."
"(A) multi-agency cyber response team is working with the company to identify the scope of the intrusion," DHS spokesman Peter Boogaard said in a statement, according to Reuters.
The breach at Falls Church, Virginia-based US Investigations Services (USIS) likely involved the theft of DHS employee's personal information, according to a report by The Washington Post.
DHS confirmed to the paper, who first reported the story, that it had suspended all work with the company amid an investigation by the FBI.
"At this time, our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce, out of an abundance of caution, to advise them to monitor their financial accounts for suspicious activity," Boogaard said, adding that employees whose data had likely been compromised would be notified.
The Office of Personnel Management suspended work with USIS, the Post confirmed.
Government officials don't think the breach affected non-DHS employees.
"We are working collaboratively with OPM and DHS to resolve this matter quickly and look forward to resuming service on all our contracts with them as soon as possible," USIS said in the statement on its website. "We will support the authorities in the investigation and any prosecution of those determined to be responsible for this criminal attack," it said.
USIS is the biggest commercial provider of background investigations to the federal government. It has over 5,700 employees and provides services in all U.S. states and territories, as well as abroad.
"Experts who have reviewed the facts gathered to-date believe it has all the markings of a state-sponsored attack," the company said.