Hackers with suspected links to China appear to have accessed sensitive background information submitted by intelligence and military personnel for security clearances, several US officials said on Friday. It is the second such breach of federal records revealed last week.
The forms authorities believed to have been accessed require applicants to fill out deeply personal information about mental illness, drug and alcohol use, past arrests and bankruptcies.
They also require the listing of contacts and relatives, potentially exposing any foreign relatives of US intelligence employees to coercion. Both the applicant’s national identification number and that of his or her cohabitant is required, France24 reported.
The officials spoke on condition of anonymity because the security clearance material is classified.
In a statement, the White House said that on June 8, investigators concluded there was “a high degree of confidence that ... systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated.”
Joel Brenner, a former top US counterintelligence official, said, “This tells hackers the identities of almost everybody who has got a United States security clearance.
“That makes it very hard for any of those people to function as an intelligence officer. The database also tells hackers an enormous amount of information about almost everyone with a security clearance. That’s a gold mine. It helps you approach and recruit spies.”
The Office of Personnel Management, a central personnel database, which was the target of the hack, has not officially notified military or intelligence personnel whose security clearance data were breached, but news of the second hack was starting to circulate in both the Pentagon and the CIA.
The officials said they believe the hack into the security clearance database was separate from the breach of federal personnel data announced last week, a breach that is itself appearing far worse than first believed.
Nearly all of the millions of security clearance holders, including CIA, National Security Agency and military special operations personnel, are potentially exposed in the security clearance breach, the officials said. More than 2.9 million people had been investigated for a security clearance as of October 2014, according to government records.
14 Million Exposed
In the hack of standard personnel records announced last week, two people briefed on the investigation disclosed Friday that as many as 14 million current and former civilian US government employees have had their information exposed to hackers, a far higher figure than the four million the Obama administration initially disclosed. American officials say the cyber-theft has been traced back to China.
The newer estimate puts the number of compromised records between 9 million and 14 million going back to the 1980s.
There are about 2.6 million executive branch civilians, so the majority of records exposed relate to former employees. Contractor information also has been stolen, officials said. The data in the hack revealed last week include the records of most federal civilian employees, though not members of Congress.
Early Warning
On Thursday, a major union said it believes the hackers stole national identification numbers, military records and veterans’ status information, addresses, birth dates, job and pay histories, health insurance, life insurance and pension information, as well as age, gender and race data.
The personnel records would provide a foreign government an extraordinary roadmap to blackmail, impersonate or otherwise exploit federal employees to gain access to US secrets, or entry into government computer networks.
The national identification numbers, known as Social Security numbers, were not encrypted, the American Federation of Government Employees said, calling that “an abysmal failure on the part of the agency to guard data that has been entrusted to it by the federal workforce.”
The Obama administration had acknowledged that up to 4.2 million current and former employees whose information resides in the Office of Personnel Management server are affected by the December cyber-breach, but it had been vague about exactly what was taken.
