Two U.S. federal agencies have halted background checks with a contractor that said Wednesday its networks had been breached in a cyberattack suspected to have been coordinated by an unnamed country.
US Investigations Services (USIS), based in Falls Church, Virginia, said federal law enforcement is investigating the incident, which it claimed "has all the markings of a state-sponsored attack," according to a statement. It has hired a computer forensics firm to "determine the precise nature and extent of any unlawful entry into our network."
The Office of Personnel Management (OPM) and the Department of Homeland Security (DHS) temporarily suspended its contracts with the company, but USIS said it hoped to resume business soon.
USIS, which is now part of a group of companies including Kroll and HireRight owned by Altegrity, formed in 1996 after the OPM privatized its background-check functions, according to the company's website. It does employee background investigations for the government as well as other security-related investigations, such as health care fraud.
USIS said it had invested heavily in security but that cyberattacks had become an epidemic. It said it could not provide further details because an active investigation is underway.
The cyberattack adds to the contractor's difficulties of late. USIS performed the background check for former National Security Agency contractor Edward Snowden, who leaked classified intelligence documents to several publishers last year. It has also been under investigation by the U.S. Department of Justice for allegedly taking short cuts during background checks.
Sign up for Computerworld eNewsletters.