Chinese hack included security-clearance database

China hacks security clearance information

You’ve heard me say it before: it just gets worse and worse! China now has your SF-86 and background investigations. And who knows who they will sell this info to.

(Washington Post) The Chinese breach of the Office of Personnel Management network was wider than first acknowledged, and officials said Friday that a database holding sensitive security clearance information on millions of federal employees and contractors also was compromised.

In an announcement, OPM said that investigators concluded this week with “a high degree of confidence” that the agency’s systems containing information related to the background investigations of “current, former and prospective” federal employees, and others for whom a background check was conducted, were breached. . . .

. . . “This is potentially devastating from a counterintelligence point of view,” said Joel Brenner, a former top counterintelligence official for the U.S. government, speaking about the latest revelation. “These forums contain decades of personal information about people with clearances . . . which makes them easier to recruit for foreign espionage on behalf of a foreign country.” . . .

. . . The separate background-check database contains sensitive information — called SF-86 data — that includes applicants’ financial histories and investment records, children’s and relatives’ names, foreign trips taken and contacts with foreign nationals, past residences, and names of neighbors and close friends.

That database was also breached last year by the Chinese in a separate incident, and the new intrusion underscores how persistent and determined Beijing is in going after data valuable to counterespionage.

“The adversary is obviously very interested in that data,” said a U.S. official, who, like several others who were interviewed, spoke on the condition of anonymity because of the ongoing investigation. . . .

. . . Matthew Olsen, a former National Security Agency general counsel and former head of the National Counterterrorism Center, said the breach is “truly significant.” The data can be used in many different ways to target people, “whether it’s blackmail, to recruit, to punish individuals in China who are connected to people in the United States.”

In the past year or two, the Chinese government has begun building massive databases of Americans’ personal information obtained through cyberespionage.

Besides the series of OPM intrusions, a federal government contractor that conducted background investigations for OPM and the Department of Homeland Security was hacked last year by the Chinese. And Beijing has been linked to penetrations of several health insurance companies that hold personal data on tens of millions of Americans.

“Who can be surprised?” Brenner said. “They’re making a concerted effort to gather vast quantities of information about Americans. This is perfectly clear. That they have all this clearance information is a disaster.” . . .

Second cyber attack by Chinese-linked hackers exposed military, intelligence data (AP)
Hackers linked to China have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, U.S. officials said Friday, describing a cyberbreach of federal records dramatically worse than first acknowledged.

The forms authorities believed may have been stolen en masse, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant’s Social Security number and that of his or her cohabitant are required.

In a statement, the White House said that on June 8, investigators concluded there was “a high degree of confidence that … systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated.” . . .

Officials Say Deeply Personal Information in Hackers’ Hands (AP)
Deeply personal information submitted by U.S. intelligence and military personnel for security clearances — mental illnesses, drug and alcohol use, past arrests, bankruptcies and more — is in the hands of hackers linked to China, officials say.

In describing a cyberbreach of federal records dramatically worse than first acknowledged, authorities point to Standard Form 86, which applicants are required to complete. Applicants also must list contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant’s Social Security number and that of his or her cohabitant are required.

“This tells the Chinese the identities of almost everybody who has got a United States security clearance,” said Joel Brenner, a former top U.S. counterintelligence official. “That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That’s a gold mine. It helps you approach and recruit spies.” . . .

Feds Eye Link to Private Contractor in Massive Government Hack (ABC News)
The hackers who recently launched a massive cyber-attack on the U.S. government, exposing sensitive information of millions of federal workers and millions of others, may have used information stolen from a private government contractor to break into federal systems, according to sources briefed on the matter.

Authorities suspect the hackers, likely from China, entered the U.S. Office of Personnel Management’s computer systems after first gaining access last year to the systems of KeyPoint Government Solutions — one of the primary providers of background checks for the U.S. government, sources said. KeyPoint representatives contacted by ABC News declined comment for this story.

Authorities, meanwhile, believe hackers were able to extract electronic credentials or other information from within KeyPoint’s systems and somehow use them to help unlock OPM’s systems, according to sources.

The hackers then rummaged through separate “segments” of OPM’s systems, potentially compromising personal information of not only the 4 million current and former federal employees already acknowledged publicly but also millions more, including relatives, friends and maybe even college roommates, the sources said.

In an unrelated statement today, OPM said authorities have “a high degree of confidence that OPM systems containing information related to the background investigations of current, former, and prospective Federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated,” as previously reported by ABC News. . . .

On Chinese hacks, the U.S. government isn’t following its own advice (Washington Post)
When the Chinese allegedly hacked into the government’s database in December, they took more than the government originally let on. On Friday, administration officials acknowledged the hackers had access to incredibly sensitive security clearance information. And the government’s largest employee union says it used evidence the government has released about the hack to determine that hackers have access to the personnel files of every single federal civilian employee.

We now know hackers also had access to thousands of investigative files for federal employees and contractors applying for security clearances. Those exhaustive investigations dig into employees’ personal lives in excruciating detail and list pretty much every bad thing a person has done, from drugs and illegal activities to gambling and financial problems to relationship troubles.

But hackers possibly got access to all that in December, and it was reportedly discovered in April. The government told the public about it in June, when the story broke. . . .

Second Hack of Government Data May Have Compromised Security-Clearance Information (National Journal)
Officials confirmed Friday they had detected a second intrusion that may be far more damaging than the one reported last week.

Why The OPM Breach Is Such a Security and Privacy Debacle (Wired)
IF IT’S NOT already a maxim, it should be: Every big hack discovered will eventually prove to be more serious than first believed. That’s holding to be especially true with the recently disclosed hack of the federal Office of Personnel Management, the government’s human resources division.
