Millions more fingerprints deemed stolen in government hack

The hack was uncovered the past spring and compromised of security clearance records that date back several years.

The news comes just ahead of a visit to Washington, D.C., by Chinese President Xi Jinping. Some USA officials blamed the Chinese government hackers in order to obtain relevant data.

President Barack Obama has said cyber security will be a major focus of his talks with Mr Xi at the White House today. He also recently stated China has to put an end to industrial espionage in cyberspace by their government or proxies.

The USA said no evidence has surfaced yet suggesting the stolen data has been abused, though they fear the theft could present counter-intelligence problems.

“Contrary to a popular belief, fingerprints are not unique, and out of 5.6 million fingerprints compromised, there can be quite a few people who have fingerprints similar enough to be accepted by the biometric authentication system”, Baikalov said. “However, this probability could change over time as technology evolves”, OPM said in a statement.

During that process, officials “identified archived records containing additional fingerprint data not previously analysed”, the OPM statement said.

Meanwhile, the total number of affected people – which includes the more than 21 million former and current government employees whose Social Security numbers and addresses were stolen – remains the same.

Federal experts believe that, as of now, the ability to misuse fingerprint data is limited. However, it acknowledged that the risk could rise as technology improved and fingerprints were increasingly used as a guarantee of identity. As Wired reports, however, there’s no explanation of how the theft of over five million federal employees – some of whom have security clearances – will impact national security. If, in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.

About 4.5 million additional fingerprints have been identified as the data breach continues to be analyzed by the Department of Defense (DoD) and the Office of Personal Management (OPM). In conjunction with the Department of Defense, OPM is working to begin mailing notifications to impacted individuals, and these notifications will proceed on a rolling basis.