22.1 Million People Compromised in Hack of Government Personnel Data

OPM headquarters in D.C., the nondescript scene of the crime. Photo: Andrew Harrer/© 2015 Bloomberg Finance LP

Last month we learned that hackers stole the personal data of at least 4 million current and former government workers, and a few days later it was reported that every federal employee might be affected. Now that number has expanded to include people who merely know someone who tried to work for the federal government in the past 15 years. Following a forensic investigation of two cyberattacks in 2014, the Office of Personnel Management announced on Thursday that hackers accessed its files on at least 22.1 million people — which is about 7 percent of the U.S. population, according to Business Insider. That includes information from 19.7 million people who applied for background checks, 1.8 million non-applicants (mainly applicants’ family members), and 4.2 million federal employees (about 3.6 million people were in both of the compromised systems).

Initially, the federal government suggested files of those seeking security clearances had not been compromised, but now OPM says the breach includes basically everything you could want to know about a person:

Following the conclusion of the forensics investigation, OPM has determined that the types of information in these records include identification details such as Social Security Numbers; residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details.  Some records also include findings from interviews conducted by background investigators and fingerprints.  Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.

While background investigation records do contain some information regarding mental health and financial history provided by those that have applied for a security clearance and by individuals contacted during the background investigation, there is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).

“It is a very big deal from a national security perspective and from a counterintelligence perspective,” FBI director James Comey told reporters on Thursday. He said he believes hackers have his Standard Form 86, which all applicants for security clearances are required to fill out. “If you have my SF 86, you know every place I’ve lived since I was 18, contact people at those addresses, neighbors at those addresses, all of my family, every place I’ve traveled outside the United States,” he said. “Just imagine if you were a foreign intelligence service and you had that data.”

The same party is believed to be responsible for both hacks, and Andy Ozment, a cybersecurity official at Homeland Security, said both times they gained access to the system “via a compromised credential of a contractor.”

U.S. officials have said China is the top suspect, and the White House is reportedly considering how it should respond to the unprecedented act of espionage. It’s a tough call, considering that following the Snowden leaks we know that government spying is rampant around the world. Zhu Haiquan, spokesman for the Chinese Embassy in Washington, offered an implausible denial, saying, “The Chinese government and the personnel in its institutions never engage in any form of cyberattack and firmly oppose and combat all the forms of cyberattacks.”