According to a Wall Street Journal report, the breach was indeed discovered in April. But according to sources who spoke to the WSJ‘s Damian Paletta and Siobhan Hughes, it was in fact discovered during a sales demonstration of a network forensics software package called CyFIR by its developer, CyTech Services. „CyTech, trying to show OPM how its cybersecurity product worked, ran a diagnostics study on OPM’s network and discovered malware was embedded on the network,“ Paletta and Hughes reported.