The personnel records of about 4 million current and former federal employees were compromised in a cyberattack on the Office of Personnel Management. This attack is being attributed to China.
Citing iSight Partners, the Washington Post attributes the attack to the group that compromised Anthem. This group uses spearphishing, highly targeted deceptive emails, to deceive people into compromising their systems.
Deception takes place in the mind of the person who is being attacked. Users will decide which emails to trust. That decision can be guesswork or it can be guided by IT using SP Guard.