A second major intrusion into U.S. government employee records, this one designed to root out names of those who might be willing to spy for a foreign government, was uncovered during the investigation into the first such breach announced this month, two officials said Friday.

The newly discovered breach compromised financial histories and information on family members and foreign trips for up to 4.1 million federal employees, according to a senior administration official and an FBI official.

Though the U.S. government has not announced publicly who is behind the two cyberattacks, officials have said privately it is China.

The senior official, who like the FBI official would not be named because the case is continuing, said the administration was reviewing what happened and trying to determine how deep the impact might be.


After the discovery of the breach, which occurred in December, the Office of Personnel Management “immediately implemented additional security measures and will continue to add protections for the sensitive information it manages,” the official said.

Last week, the OPM announced that a major intrusion had occurred into the agency’s personnel files of both current and former federal employees. That breach was discovered in April, and it was during an investigation into that intrusion that the officials learned of the earlier breach.

Also on Friday, the White House Office of Management and Budget announced it was leading a “broad strategy to combat cyberthreats” and strengthen the federal government’s computer security.

“Recent events underscore the need to accelerate the administration’s cyberstrategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure,” the office said in a statement.


Staff writer Christi Parsons contributed to this report. On Twitter: @RickSerranoLAT