Far Worse Than Acknowledged: Hack Compromised Every US Federal Worker

© AFP 2022 / Thomas SamsonThe US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees.
The US government on Thursday said that hackers accessed the personal data of at least four million current and former federal employees. - Sputnik International
Subscribe
International
India
The massive data breach into federal agencies announced last week may have gone even deeper than previously acknowledged. Whoever breached the US Office of Personnel Management may have stolen the personal data of every federal employee.

According to a federal employee union, hackers may have gained vital information, including Social Security numbers, on every employee of the federal government. 

Hacking - Sputnik International
Chinese Embassy Slams US for 'Hypothetical' Federal Data Breach Accusations

That data includes military records and veterans status information, addresses, birth dates, job and payment histories, health insurance, life insurance, and pension information. It also includes age, gender, and race data, according to a letter sent to OPM Director Katherine Archuleta by J. David Cox, president of the American Federal of Government Employees. That letter was obtained by the Associated Press.

"We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous," the letter said.

"Based on the sketchy information OPM has provided, we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees."

For its part, the OPM has reportedly denied that every federal employee has been affected.

While US officials have yet to publicly point fingers, US Senate Minority Leader Harry Reid stated that the hack was carried out by "the Chinese." The Chinese government has repeatedly denied any involvement in the data breach, especially in light of the fact that the US has presented no evidence to support its claims.

While the OPM has publicly downplayed the extent of the breach, insisting only limited personal data was compromised, the union based its findings on internal agency briefings.

The head of the US National Security Agency has clarified that the United States may use physical retaliation against the perpetrators of a cyberattack. - Sputnik International
NSA Chief: We May Retaliate for Cyberattacks With Real Weapons

The intrusion into OPM's systems began over a year ago, according to officials speaking to ABC News, and hackers were able to weed through four security "segments" over that time. Much of the stolen personal data was gleaned from SF-86 forms filled out by every federal employee seeking a security clearance. The breach was only discovered after OPM began upgrading its systems.

The OPM maintains that the information of family members of federal employees has not been affected by the breach, though US officials speaking on condition of anonymity to ABC have suggested otherwise.

"IF the SF-86's associated with this hack were, in their entirety, part of the stolen information, then that would mean the potential release of a staggering amount of information, affecting an exponential amount of people," the source said.

"Since the investigation is ongoing, additional PII exposures may come to light," an OPM official said Sunday. "In that case, OPM will conduct additional notifications as necessary."

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала