Millions more Americans hacked than disclosed
July 10, 2015Hackers stole the sensitive data of 21.5 million people, the government announced Thursday - millions more than the 4.2 million people previously disclosed in a "separate but related" incident.
During a conference call between administration officials and reporters, FBI Director James Comey described the scope of the Office of Personnel Management (OPM) breach as "huge."
"It's a treasure trove of information about everybody who has worked for, tried to work for, or works for the United States government," said Comey.
Combined, the 2014 and 2015 hacks affected 22.1 million people - almost 7 percent of the US population. A total of 3.6 million applicants had data breached in both attacks.
Officials say they discovered the first breach in April but it appears that hackers gained network access back in May 2014. The data would detail the drug use, romantic history and sensitive placements of some of the more interesting 19.7 million current, former and even unhired federal employees and contractors who sought clearances, plus 1.8 million others - mostly applicants' spouses or co-habitants, essentially creating a road map for blackmail.
Though some analysts and news agencies have speculated as to China's involvement in the attack, officials from the country have dismissed the allegations. The White House has called for new cybersecurity measures.
'Stand against incompetence'
Lawmakers from both major parties in the US Congress have demand the removal of OPM, Director Katherine Archuleta, who began working at the agency in November 2013. House of Representatives Speaker John Boehner, a Republican, said President Barack Obama: "must take a strong stand against incompetence in his administration and instill new leadership at OPM."
Virginia Senator Mark Warner, a Democrat, said: "The technological and security failures at the Office of Personnel Management predate this director's term, but Director Archuleta's slow and uneven response has not inspired confidence that she is the right person to manage OPM through this crisis."
Archuleta has said that neither she nor OPM Chief Information Officer Donna Seymour would resign. She has faced hostile questions from lawmakers at several congressional hearings but defends her record, saying new systems she implemented have helped to discover the breaches.
"I am committed to the work that I am doing at OPM," Archuleta said during Thursday's conference call.
According to the OPM, an investigation found no information "at this time" to suggest misuse or dissemination of the information. However, the government will offer free monitoring to those affected to guard against fraud or identity theft.
In June, Germany's Bundestag had a large amount of data stolen in an attack that some have blamed on Russian hackers.
mkg/rc (Reuters, AFP, AP)