Along with the massive security breach that exposed millions of federal workers’ personnel records, hackers also very likely accessed information from background checks that were done on both federal employees and applicants.
That’s part of an update from a senior Obama administration official who declined to be named on the record because of the ongoing investigation into the cyberattack against the Office of Personnel Management.
The official says the investigators have told other U.S. agencies “that there was a high degree of confidence that OPM systems containing information related to the background investigations of current, former, and prospective Federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated.”
The official added that because the inquiry is in process, the full scope of the compromised information isn’t yet known.
The large-scale attack was revealed in early June. At the time, officials said that the data of nearly 4 million past and current federal workers were at risk.
That breach was said to reveal information such as “people’s names, Social Security numbers, dates and places of birth, and current and former addresses,” as Sam Sanders reported for the Two-Way.
The Washington Post reports:
“The separate background check database contains sensitive information — called SF-86 data — that includes applicants’ financial histories and investment records, children’s and relatives’ names, foreign trips taken and contacts with foreign nationals, past residences and names of neighbors and close friends.”
When they released news of the hacking attack, government officials said they would be getting in touch with people whose data were compromised between June 8 and June 19.
While early speculation placed the blame for the attack on China, there’s been no official confirmation of that. And there’s been a debate over whether the information was targeted for financial gain or to bolster attempts to steal intellectual property.
“It’s possible that hackers are building databases on individuals who are deemed particularly valuable for their financial worth or their access to U.S. state secrets,” NPR’s Aarti Shahani reported last weekend.