The biggest data breach affecting the US government’s personnel management agency, which allegedly exposed 14 million current and former civilian employees, involves millions more people than previously estimated, according to Reuters.
The Office of Personnel Management said data stolen from its computer networks included Social Security numbers and other sensitive information on 21.5 million people who have undergone background checks for security clearances. Recent figures show that almost 7% of the US population is affected by the breach.
Experts speculated on the identity of the perpetrators of the breach at US the Office of Personnel Management (OPM) after security specialists found the alleged data for sale on a popular black market. The sample was offered by a user with the pseudonym of PING, as HOTforSecurity had previously reported. Last month, people briefed on the investigation said some 14 million current and former civilian US government employees had personal information exposed to hackers, a much higher figure than the 4 million the Obama administration initially disclosed.
The breach had already been considered one of the most damaging on record because of its scale and, more importantly, the sensitivity of the material taken. According to Reuters, those exposed included 19.7 million who applied for clearances – current, former and prospective federal employees and contractors – plus 1.8 million non-applicants, mostly spouses or co-habitants of applicants.
In June, US intelligence officials accused China of spying and of engaging in large-scale theft of corporate secrets for the benefit of state-sponsored enterprises that compete with Western companies, as nearly every major US company has been hacked from China.