The Office of Personnel Management today said that some 5.6 million fingerprints were stolen by the hacker and not 1.1 million like it was previously reported. The new data came after the agency had conducted further investigation together with the Department of Defense.
The stolen fingerprints involved records of 21.5 million federal workers including employee from Defense Department. According to an official, Josh Earnest said that the attack began during spring and it involved security clearance records from past years. Everyone involved will be notified when the investigation is completed and their name will not be publicly shared.
According to The Guardian, U.S intelligence believes that the attack comes from China as the country had a previous cybercrimes history. However, the U.S government did not make any official accusation as they said that it is a fair intelligence target saying that any country would do the same if the opportunity present. As CNBC reported, Xi Jinping administration has denied any involvement in the attack.
Besides fingerprint, the data stolen includes important biographical information that the workers need to fill for security clearance purpose. Officials are worried that the data could jeopardise any of the U.S agents abroad although the real effect of the attack is unknown. Besides jeopardising agents' identity, officials also worried that attackers might use the data to understand how they could put their agents among the U.S employee.
U.S official intelligence spokesman said that the ability for attackers to misuse the fingerprints is still limited now. However, advancement in technology might increase the level of threat it poses as reported by Reuters.
The latest attack raises a question about the level of cyber security in the United States. A Nebraska Republican, Senator Ben Sasse also accused the Obama administration failed to treat the threat as a serious issue. He said that "Today's blatant news dump is the clearest sign yet that the administration still acts like the OPM crisis hack is a PR crisis instead of a national security threat."
Xi Jinping is currently in the United States for his first official visit since becoming president. He is expected to meet Obama at the White House soon and the two leaders are expected to discuss the cyber crimes issue. Mr. Xi had previously said in his speech in Seattle that his administration is ready to set up a joint force with the U.S. to fight cyber crimes.
Join the Conversation