More than 25 million had their personal information stolen when Office of Personnel Management (OPM) servers were breached by Chinese hackers last year, sources close to the agency told ABC.
The New York Times is reporting 21.5 million, and CNN is
In any case, the figure is much higher than OPM’s original estimate of 4 million and amounts to roughly 7% of the US population.
Hackers who infiltrated OPM had access to the agency’s security-clearance computer system for over a year, the The Washington Post reported, giving them ample time to steal as much information as possible from OPM’s database of military and intelligence officials.
Stored in OPM’s database are the SF86 forms of every American who has ever applied for government security clearance. The hackers reportedly acquired these forms, which detail sensitive background information and is “one of the most extensive national security questionnaires that exists,” Michael Borohovski, CEO of Tinfoil Security, told Business Insider last month.
“Security-wise, this may be the worst breach of personally identifying information ever,” he added.
Members of the intelligence community, including FBI employees, were also affected by the breach.
As a result, spies who took OPM information will know “who the best targets for espionage are in the United States,” Michael Adams, a computer-security expert with more than two decades’ experience in the US Special Operations Command, told The Daily Beast.
The agency also stores the results of polygraph tests, which is “really bad, because the goal of government-administered polygraph tests is to uncover any blackmailable information about its employees before it can be used against them,” Borohovski said. “So it’s really a goldmine of blackmail for intruders.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.