- Mike Pence says a triple crown winning racehorse bit him Today 12:51 PM
- Disney CEO Bob Iger leaves Apple board amid streaming wars Today 12:01 PM
- Influencer Destiny Marquez faces backlash for berating Forever 21 employee Today 10:32 AM
- Chelsea Handler tackles system racism in ‘Hello Privilege. It’s Me, Chelsea’ Today 9:18 AM
- Gun control proposal: Trump, lawmakers considering background check-conducting app Today 9:05 AM
- How to stream Browns vs. Jets on Monday Night Football Today 7:00 AM
- What are anons? Today 6:30 AM
- How to stream Eagles vs. Falcons on Sunday Night Football Today 6:00 AM
- How to stream ‘Power’ season 6, episode 4 Today 5:00 AM
- How to stream WWE’s Clash of Champions 2019 Saturday 8:00 PM
- How ‘F*ck off Scotland’ became a Scottish rallying cry amid Brexit madness Saturday 6:28 PM
- A Missouri officer resigned after his Islamophobic Facebook posts surfaced Saturday 5:08 PM
- Adding ‘Triggered’ to stock photos of white men creates Netflix comedy special thumbnails Saturday 3:10 PM
- New restaurant in New York has a seriously unfortunate name: ‘Qanoon’ Saturday 1:38 PM
- These are the 10 best ‘Star Wars’ ships Saturday 12:41 PM
Hackers stole 21.5 million Social Security numbers from the U.S. government
The stolen data also includes more than 1 million fingerprints.
The hackers who breached the Office of Personnel Management stolen more than 21 million Social Security numbers, according to new details from the agency.
The OPM hack, first discovered in May, is the largest ever successful cyberattack against the U.S. government. Since the breach was first revealed in early June, the scope of the attack has been growing steadily. It was initially reported to affect four million federal employees, but that number was later bumped to 18 million and now stands at 21.5 million.
More than 19 million of the stolen records included background-check investigation details, and 1.1 million included fingerprint data, according to OPM. The agency also said that everyone who had undergone a background check beginning in 2000 was almost certainly affected.
U.S. authorities haven’t officially named a perpetrator for the attack, but most governmental sources are privately pointing the finger at China.
Michael Daniel, WH cyber advisor, says admin not ready to attribute the OPM hack to a specific actor. (DNI has said main “suspect” China)
— Shane Harris (@shaneharris) July 9, 2015
“We are deeply concerned over the failure of the federal government to adequately protect its personnel computer systems and the devastating impact the recent breaches of these systems may have on national security, as well as on the financial and personal security of millions of current and former federal employees,” David Snell, federal benefits service director of the National Active and Retired Federal Employees Association, said at a Congressional hearing on Wednesday.
Katherine Archuleta, OPM’s director, has resisted calls to resign from many Republicans, and she maintained that stance on Thursday as her agency provided its most detailed accounting to date of the scope of the breach.
In a statement released shortly after OPM’s announcement, the top Democrat on the House Intelligence Committee blasted the agency for failing to properly brief Congress.
“I do not believe OPM was fully candid in its original briefing to the Committee and omitted key information about two distinct hacks and the breadth of the potential compromise,” Rep. Adam Schiff (D-Calif.) said in a statement.
The failures that led to the OPM breach stretch beyond the small personnel office. The Department of Homeland Security, FBI, and even the National Security Agency have all faced cybersecurity vulnerabilities that officials are racing to patch. The government has been rolling out new cyber defenses and will continue to do so over the next year.
OPM is still in the process of notifying the millions of federal employees and family members who were affected by the breach.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.