- Bella Thorne comes out as pansexual 4 Years Ago
- Macy’s pulls portion-control plates after social media uproar 4 Years Ago
- John Oliver confirms the internet’s suspicions about that ‘Lion King’ cast photo Today 2:14 PM
- Report: Fake Libra accounts rampant on Facebook, Instagram Today 2:10 PM
- Tennessee neighbors form human chain to help father and son escape ICE Today 1:57 PM
- Google settled two multi-million dollar lawsuits this week Today 1:26 PM
- How to live stream Guadalajara vs. Atletico Madrid Today 12:47 PM
- Forget Area 51—People are planning to storm the Bermuda Triangle Today 12:41 PM
- It’s too late to book a room for the Area 51 raid Today 12:28 PM
- Adam Sandler’s next Netflix film is a star-studded Halloween comedy Today 12:17 PM
- How to live stream Arsenal vs. Real Madrid Today 12:06 PM
- Netflix’s ‘7SEEDS’ is an abominable adaptation of the original manga Today 11:59 AM
- Alinity Divine hasn’t been punished for throwing her cat—and people are livid Today 10:16 AM
- Gamer Krucial B passes away during Defend the North tournament Today 9:25 AM
- Brexit supporter Boris Johnson becomes prime minister—spawning lots of memes Today 9:16 AM
Hackers stole 21.5 million Social Security numbers from the U.S. government
The stolen data also includes more than 1 million fingerprints.
The hackers who breached the Office of Personnel Management stolen more than 21 million Social Security numbers, according to new details from the agency.
The OPM hack, first discovered in May, is the largest ever successful cyberattack against the U.S. government. Since the breach was first revealed in early June, the scope of the attack has been growing steadily. It was initially reported to affect four million federal employees, but that number was later bumped to 18 million and now stands at 21.5 million.
More than 19 million of the stolen records included background-check investigation details, and 1.1 million included fingerprint data, according to OPM. The agency also said that everyone who had undergone a background check beginning in 2000 was almost certainly affected.
U.S. authorities haven’t officially named a perpetrator for the attack, but most governmental sources are privately pointing the finger at China.
Michael Daniel, WH cyber advisor, says admin not ready to attribute the OPM hack to a specific actor. (DNI has said main “suspect” China)
— Shane Harris (@shaneharris) July 9, 2015
“We are deeply concerned over the failure of the federal government to adequately protect its personnel computer systems and the devastating impact the recent breaches of these systems may have on national security, as well as on the financial and personal security of millions of current and former federal employees,” David Snell, federal benefits service director of the National Active and Retired Federal Employees Association, said at a Congressional hearing on Wednesday.
Katherine Archuleta, OPM’s director, has resisted calls to resign from many Republicans, and she maintained that stance on Thursday as her agency provided its most detailed accounting to date of the scope of the breach.
In a statement released shortly after OPM’s announcement, the top Democrat on the House Intelligence Committee blasted the agency for failing to properly brief Congress.
“I do not believe OPM was fully candid in its original briefing to the Committee and omitted key information about two distinct hacks and the breadth of the potential compromise,” Rep. Adam Schiff (D-Calif.) said in a statement.
The failures that led to the OPM breach stretch beyond the small personnel office. The Department of Homeland Security, FBI, and even the National Security Agency have all faced cybersecurity vulnerabilities that officials are racing to patch. The government has been rolling out new cyber defenses and will continue to do so over the next year.
OPM is still in the process of notifying the millions of federal employees and family members who were affected by the breach.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.