A government workers’ union announcedyesterday that the personnel data of every single federal employee was stolen when hackers breached the Office of Personnel Management (OPM) back in December.
Retirees and up to one million former employees may have been affected, too, since much of the information in OPM’s database dates back to 1985.
While the OPM has refused to disclose specifics about the information that may have been compromised, citing “security reasons,” the OPM database is a known repository for extremely sensitive information.
As such, a single employee may have as much as 780 separate pieces of personal information about them on file in the database, according to AP.
“Security-wise, this may be the worst breach of personally identifying information ever,” Michael Borohovski, CEO of Tinfoil Security, told Business Insider on Friday. “There aren’t a lot of details yet about what exactly was taken, but OPM is responsible for administering the SF 86, which is one of the most extensive national security questionnaires that exists.”
Federal employees and contractors who want government security clearance have to disclose virtually every aspect of their lives via an ‘SF 86’ questionnaire which is then stored on OPM’s largely unencrypted database.
The 120-page questionnaire is an exhaustive examination of an applicant’s personal history, including their financial records (including gambling addictions and any outstanding debt), drug use, alcoholism, arrests, psychological and emotional health, foreign travel, foreign contacts, and an extensive list of all relatives.
Pretty much everybody’s SF86 + BI has info you never want to fall into hostile intel hands. Never as in Not Ever. This is just awful.
— John Schindler (@20committee) June 6, 2015
The OPM also stores the results of polygraph tests, which is “really bad, because the goal of government-administered polygraph tests is to uncover any blackmailable information about its employees before it can be used against them,” Borohovski said. “So it’s really a goldmine of blackmail for intruders.”
Business Insider Emails & Alerts
Site highlights each day to your inbox.