Previous Story
STICKY FINGERS United States fingerprint data breach 5 times worse than thought
The information was part of an array of sensitive files, including Social Security numbers, swiped in a hack estimated to have affected 21.5 million people total – including people who applied for security clearances and their families.
The sobering news came from the Office of Personnel Management, the federal personnel agency whose data was hacked in what officials believe was a Chinese espionage operation. While the overall estimate of 21.5 million individuals records being revealed has not increased, this puts the privacy of 25 percent of these employees into even more danger.
It could also help the Chinese catch US spies.
U.S. government forces have so far avoided casting blame for the attack, but China is rumoured to be behind it as the country steps up its cybersecurity knowledge. A statement released Wednesday said the agency was revising that number to 5.6 million. Yet OPM estimates that there’s a “limited” risk that the fingerprints could be abused. And it says it’s assembled an interagency working group that includes officials from the Pentagon, FBI, DHS, and intelligence agencies to review the problem. The new number, tied to the discovery of additional archived data that was stolen over the period of the breach, more than quintuples the amount of individuals whose fingerprint data was stolen.
Working with the Defense Department, OPM will “begin mailing notifications to impacted individuals, and these notifications will proceed on a rolling basis”, Schumach said.
UPDATE: House Oversight Commitee Chairman Jason Chaffetz, R-Utah, piled on in his own statement: “OPM keeps getting it wrong”.
Now we’re learning that the biometric data of 5.6 million federal employees were stolen along with mountain of Social Security numbers, addresses and lists of relatives. It is also making identity theft and fraud protection available to all impacted individuals and their dependents at no cost.
This year, the OPM found that its system was breached by hackers linked to China. I have zero confidence in OPM’s competence and ability to manage this crisis. As a result, OPM head Katherine Archuleta resigned the next day. This suggests the OPM’s investigators don’t go to hacking conferences, where the ability to create dummy fingerprints from printed records, or even photographs, is routinely demonstrated.
