- Twitter launches new tool to combat misinformation about voting 4 Years Ago
- Conservative guy’s Elizabeth Warren op-ed inspires ‘slap in the face’ meme Today 7:37 AM
- ‘Ask Dr. Ruth’ takes a crowd-pleasing look at her life and groundbreaking career Today 7:30 AM
- Tom Holland and Daisy Ridley’s ‘Chaos Walking’ is so bad it’s ‘unreleasable’ Today 7:01 AM
- The best Westerns on YouTube that you can watch for free Today 7:00 AM
- The shocking similarities between QAnon’s ‘Storm’ and the far-right’s ‘Second Civil War’ Today 6:30 AM
- Healsluts are challenging gaming to make room for queer, kinky self-discovery Today 6:30 AM
- Does ‘Avengers: Endgame’ have a post-credits scene? Today 6:00 AM
- Sling TV Latino es esencial para quienes están hartos de la televisión por cable Today 5:00 AM
- Daenerys’ passive-aggressive smile is a very relatable meme Tuesday 11:18 PM
- Kentucky food truck repurposes ‘LGBTQ’ to support Trump, BBQ Tuesday 8:47 PM
- Trump complains about his Twitter follower count to Jack Dorsey Tuesday 6:34 PM
- ‘Avengers: Endgame’ sticks the devastating landing—and gives you time to grieve Tuesday 5:00 PM
- Teen hits Apple with $1 billion lawsuit over alleged face recognition arrest Tuesday 4:48 PM
- John Cornyn tried to attack Patton Oswalt for his old tweets and failed miserably Tuesday 4:29 PM
Hackers stole 21.5 million Social Security numbers from the U.S. government
The stolen data also includes more than 1 million fingerprints.
The hackers who breached the Office of Personnel Management stolen more than 21 million Social Security numbers, according to new details from the agency.
The OPM hack, first discovered in May, is the largest ever successful cyberattack against the U.S. government. Since the breach was first revealed in early June, the scope of the attack has been growing steadily. It was initially reported to affect four million federal employees, but that number was later bumped to 18 million and now stands at 21.5 million.
More than 19 million of the stolen records included background-check investigation details, and 1.1 million included fingerprint data, according to OPM. The agency also said that everyone who had undergone a background check beginning in 2000 was almost certainly affected.
U.S. authorities haven’t officially named a perpetrator for the attack, but most governmental sources are privately pointing the finger at China.
Michael Daniel, WH cyber advisor, says admin not ready to attribute the OPM hack to a specific actor. (DNI has said main “suspect” China)
— Shane Harris (@shaneharris) July 9, 2015
“We are deeply concerned over the failure of the federal government to adequately protect its personnel computer systems and the devastating impact the recent breaches of these systems may have on national security, as well as on the financial and personal security of millions of current and former federal employees,” David Snell, federal benefits service director of the National Active and Retired Federal Employees Association, said at a Congressional hearing on Wednesday.
Katherine Archuleta, OPM’s director, has resisted calls to resign from many Republicans, and she maintained that stance on Thursday as her agency provided its most detailed accounting to date of the scope of the breach.
In a statement released shortly after OPM’s announcement, the top Democrat on the House Intelligence Committee blasted the agency for failing to properly brief Congress.
“I do not believe OPM was fully candid in its original briefing to the Committee and omitted key information about two distinct hacks and the breadth of the potential compromise,” Rep. Adam Schiff (D-Calif.) said in a statement.
The failures that led to the OPM breach stretch beyond the small personnel office. The Department of Homeland Security, FBI, and even the National Security Agency have all faced cybersecurity vulnerabilities that officials are racing to patch. The government has been rolling out new cyber defenses and will continue to do so over the next year.
OPM is still in the process of notifying the millions of federal employees and family members who were affected by the breach.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.