Federal hack affected 21.5 million people
WASHINGTON - The massive hack last year of the Office of Personnel Management's system containing security clearance information affected 21.5 million people, including current and former employees, contractors, and their families and friends, officials said Thursday.
WASHINGTON - The massive hack last year of the Office of Personnel Management's system containing security clearance information affected 21.5 million people, including current and former employees, contractors, and their families and friends, officials said Thursday.
That is in addition to a separate hack - also last year - of OPM's personnel database that affected 4.2 million people. That number was previously announced.
Together, the breaches arguably are the most consequential cyber intrusion in U.S. government history. Administration officials have privately said they were traced to the Chinese government and appear to be for purposes of traditional espionage.
The 21.5 million figure includes 19.7 million individuals who applied for a background investigation, and 1.8 million non-applicants, predominantly spouses or people who live with the applicants. Some records also include findings from interviews conducted by background investigators, and about 1.1 million include fingerprints, officials said.
Individuals who underwent a background investigation through OPM in 2000 or afterward are "highly likely" affected, officials said. Background checks before 2000 are less likely to have been affected, they said.
The lapse enabled hackers to gain access not only to personnel files but also personal details about millions of individuals with government security clearances - information a foreign intelligence service could potentially use to recruit spies.
Because the exposed records included information on individuals who served as references on security clearance applications, U.S. officials said that the stolen data include details on certain employees' relatives and friends.
Wednesday's announcement only seemed to strengthen Republican calls on Capitol Hill for OPM Director Katherine Archuleta and her chief information officer, Donna Seymour, to resign.
"Since at least 2007, OPM leadership has been on notice about the vulnerabilities to its network and cybersecurity policies and practices," Rep. Jason Chaffetz (R., Utah), chairman of the House Oversight and Government Reform Committee, said in a statement.
"Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries," Chaffetz said. "Such incompetence is inexcusable. Again, I call upon President Obama to remove Director Archuleta and Ms. Seymour immediately."