Data from U.S. agency cyber breach not on black market, researcher says

(Reuters) — Data stolen in a massive breach of the U.S. Office of Personnel Management has not shown up on the black market, a sign that a foreign government launched the attack, a researcher with U.S. cyber security firm FireEye Inc. said Monday.

No credible reporting shows the data on over 21 million Americans was for sale, Richard Bejtlich, chief security strategist at FireEye said, noting that individual hackers tend to quickly sell stolen data.

U.S. officials have linked the breach, which was disclosed in June, to hackers in China but have not formally identified the source of the attack.

"Everything points to this being a nation-state attack," Mr. Bejtlich said during a panel at a conference hosted by the Defense One media outlet.

"It's not the same as when someone steals credit cards from a major retailer and they're for sale in the black market within a day, and they're advertised as being fresh, and here are the limits."

Mr. Bejtlich said China mounted a similar attack against Taiwan's health care system in 2008, seizing health care records.

"Taiwan is the proving ground for everything else that happens in the world that comes from China. So we've seen this already," he said.

Jeff Coburn, who heads the major crimes unit of the Federal Bureau of Investigation's Cyber Division, declined to comment directly on the issue. But he said nation-state hackers generally did not seek to make money from the data they collected.