Home / Software & Gaming / Security / US personnel data breach was far worse than we thought

US personnel data breach was far worse than we thought

When the White House's Office of Personnel Management (OPM) was cracked wide open by some unknown actors earlier this year, it was thought that as many as 4.2 million people had had their records copied away. That included their medical histories, employment details and potentially confessions made to help them gain government positions. However now the breach is thought to have been much worse, potentially affecting as many as 21.5 million.

Announced this Thursday by the OPM, the news also brings to light that not only were those that had at some point applied for a government role affected, by their spouses and relatives too. While 19.7 million of the records relate to government employees and applicants, over 1.8 million non-applicants were affected. 1.1 million of the records also included people's fingerprint data.

Demonstrating how comprehensive the hack was, the OPM said in a statement (via BBC): “If an individual underwent a background investigation through OPM in 2000 or afterwards… it is highly likely that the individual is impacted by this cyber breach.”

Many people want to see head of the OPM, Kathering Archuleta fired.

In the wake of the news, several prominent US politicians have called for the head of OPM, Katherine Archuleta, to be removed from her position and a new leader put in her place. While that has yet to happen, the OPM has set up resources to help those affected combat any potential fall out. The OPM will work with identity theft and insurance firms to provide a measure of protection for anyone that finds themselves victim of identity fraud as fall out from the hack.

It has also established a call centre to answer any relevant questions and will make a big move to strengthen the organisation's digital defences moving forward.

Although it has been denied, US authorities have so far said China is the most likely culprit for the hack.

Discuss on our Facebook page, HERE.

KitGuru Says: This was a pretty colossal screw up. It really shows how antiquated a lot of government systems are and how wrong many politicians are when they say encryption is dangerous. Solid encryption in a situation like this could have saved millions from being adversely affected.

Image source: US Department of Agriculture/Flickr

Become a Patron!

Check Also

Sony investigating claims of major security breach

This week, a ransomware group claimed to have breached "all of Sony's systems", putting the stolen data up for sale on the dark web. Sony has yet to confirm that an attack has taken place but the company is now investigating.