Following up on a story we covered twice last month (here and here), this week the U.S. Office of Personnel Management (OPM), which is the human resources department for the U.S. government, announced a dramatic expansion in the number of people impacted by the massive cyber attack and breach of their computer networks and databases.
As AlertsUSA has previously warned, it is standard practice in federal crisis management to downplay or otherwise intentionally misrepresent the severity of an incident in initial reports, then add detail after the first wave of news has normalized with the public. Once again we have been proven right. Readers will recall that initial reports from the OPM stated that hackers accessed the personal information for over 4 MILLION U.S. government employees, which encompassed nearly 95% of the entire U.S. federal workforce.
This week OPM publicly stated that sensitive personal information had been stolen for in excess of 21 MILLION individuals, which includes 19.7 million individuals that actually applied for a background investigation, as well as 1.8 million non-applicants, predominantly spouses or co-habitants of applicants. In total, this is greater than a five-fold increase compared to what was originally reported.
OPM also states that the stolen information includes names, addresses, dates of birth, Social Security numbers, residency and educational histories, employment histories, information about immediate family members and other personal and business acquaintances; health, criminal and financial histories as well as findings from interviews conducted by background investigators and fingerprints.
ACCORDING TO OPM:
If an individual underwent a background investigation through OPM in 2000 or afterwards (which occurs through the submission of forms SF 86, SF 85, or SF 85P for a new investigation or periodic reinvestigation), it is highly likely that the individual is impacted by this cyber breach. If an individual underwent a background investigation prior to 2000, that individual still may be impacted, but it is less likely.
During testimony this week before the Senate Intelligence Committee, FBI Director James Comey called the OPM hack an "enormous breach," saying "millions and millions" of government records were stolen, including his own.
According to the Office of Personnel Management, the hack that resulted in the loss of these records began in May 2014 and was not discovered until May 2015.
MISSING FROM THE MAINSTREAM NARRATIVE:
OPM's Director, Katherine Archuleta [UPDATE: Former Director...], had absolutely no background experience whatsoever related to the critical mission of the Office of Personnel Management. In fact, she is a political operative whose previous position was that of National Political Director for President Obama's 2012 reelection campaign. Before that, she was Chief of Staff for the Secretary of Labor. Before that, she was a community organizer for the Colorado-based Latina Initiative.
YOU NEED TO PAY ATTENTION TO THIS
AlertsUSA again warns readers that the threat posed by these overall hacking incidents extends far beyond that of identity theft. A foreign government may now be in possession of detailed personal information on a significant number of U.S. citizens currently or previously holding some level of security clearance, as well as that of family members and close acquaintances. This includes most active and reserve members of the U.S. military, members of Congress and their staff. The value of this kind of information to foreign governments and intelligence services cannot be overstated. Depending on the specifics, such as the nature of someone's work, the sponsoring department or agency, as well as the likelihood this information is correlated with that gleaned from other cyber intrusions, these individuals could become targets of interest to foreign intelligence services both within the U.S. and when traveling abroad.
OPM BREACH INFORMATION FOR SALE
Finally, be advised the OPM and other federal agencies are publicly stating that "there is no information to suggest any misuse or further dissemination of the information that was stolen in the data breach." This statement is patently false. As AlertsUSA has previously reported, some of this information is already appearing on the Dark Net for sale (see this, this and this).
AlertsUSA cautions readers that while OPM, DHS, FBI and private sector contractors have already begun efforts at contacting those impacted, it is extremely important that U.S. government and private sector employees whose jobs require a federal security clearance, including tens of thousands of law enforcement officials across the country, proactively contact their department, agency or company Security Officer for updates and specific guidance on securing their situation.
There is no magic solution to individual exposure in this situation. Readers impacted by this are advised to be proactive.
GENERAL INCIDENT RESOURCES
Office of Personnel Management
Information about OPM Cybersecurity Incidents
Steps to Protect Fed Workers & Others From Cyber Threats
Department of Defense
Sample Notification Email (PDF)
DoD Defense Security Service
Counterintelligence Training Materials
Reporting Suspicious Contacts
DOJ / FBI Domestic Security Alliance Council
Elicitation Techniques Explained
Internet Social Networking Risks
Safety Tips for U.S. Business Travelers Abroad
Office of the Director of National Intelligence
Your Personal Information: Protecting It From Exploitation
AlertsUSA continues to closely monitor developments with this incident as well as a broad list of other threats facing the United States and its citizens and interests abroad, and will immediately notify service subscribers of new alerts, warnings and advisories or any developments which signal a change in the overall threat picture as events warrant.