We may be witnessing 'the worst breach of personally identifying information ever'

Spying NSA phone surveillanceREUTERS/Jonathan ErnstNational Security Agency (NSA) Director U.S. Army General Keith Alexander. NSA employees and contractors are among those who may have had their data stolen.

A government workers’ union announcedyesterday that the personnel data of every single federal employee was stolen when hackers breached the Office of Personnel Management (OPM) back in December.

Retirees and up to one million former employees may have been affected, too, since much of the information in OPM’s database dates back to 1985.  

While the OPM has refused to disclose specifics about the information that may have been compromised, citing “security reasons,” the OPM database is a known repository for extremely sensitive information.

OPM “conducts more than 90% of all federal background investigations, including those required by the Department of Defence and 100 other federal agencies,” Reuters reported last week.

As such, a single employee may have as much as 780 separate pieces of personal information about them on file in the database, according to AP.

“Security-wise, this may be the worst breach of personally identifying information ever,” Michael Borohovski, CEO of Tinfoil Security, told Business Insider on Friday. “There aren’t a lot of details yet about what exactly was taken, but OPM is responsible for administering the SF 86, which is one of the most extensive national security questionnaires that exists.”


Federal employees and contractors who want government security clearance have to disclose virtually every aspect of their lives via an ‘SF 86’ questionnaire which is then stored on OPM’s largely unencrypted database.


The 120-page questionnaire is an exhaustive examination of an applicant’s personal history, including their financial records (including gambling addictions and any outstanding debt), drug use, alcoholism, arrests, psychological and emotional health, foreign travel, foreign contacts, and an extensive list of all relatives.


The OPM also stores the results of polygraph tests, which is “really bad, because the goal of government-administered polygraph tests is to uncover any blackmailable information about its employees before it can be used against them,” Borohovski said. “So it’s really a goldmine of blackmail for intruders.”


NOW WATCH: Why Putin is the most powerful man in the world

NOW WATCH: Briefing videos

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.