In Major Humiliation, Government Admits Nearly 6 Million Fingerprints Were Stolen In OPM Hack
by Tyler Durden
ZeroHedge.com
09/23/2015
What began with an alleged attempt by Kim Jong-un to sabotage Seth Rogen and James Franco for plotting to assassinate his likeness on film, and what reached peak absurdity when Penn State claimed that Chinese hacker spies had taken control of the university’s engineering department, culminated with what’s been variously described as “the largest theft of US government data ever” and an attack “so vast in scope and ambition that the usual practices for dealing with traditional espionage cases [do] not apply.”
Those rather dramatic sounding characterizations refer of course to the alleged breach of the Office of Personnel Management by Chinese hackers.
That attack compromised some 22 million government employees. For its part, Beijing initially called the accusations that the attack emanated from China “irresponsible” and “groundless.”
Amusingly, the counter-hacking system that is supposed to prevent things like this from happening is called “Einstein” and by the US government’s own admission, it’s already obsolete. Unfortunately, Congress’ now famous inability to do what they were elected to do (i.e. legislate) has left the US unable to pass a cyber security initiative that would help the US better protect itself against attacks like that which occurred on the OPM.
In any event, cyber security was back in the spotlight (actually it never really left) last week when the US decided that slapping Chinese entities with sanctions for their alleged role in hundreds of cyber attacks on the US over the course of the last half decade was probably a bad idea ahead of a visit by Chinese President Xi Jinping, who some analysts predicted simply would not make the trip if Washington was unwilling to do Beijing the courtesy of waiting until Xi was back in China before handing down sanctions.
But while the Obama administration did indeed relent on the timing of the cyber sanctions, new revelations regarding the theft of “biometric ID authentication markers” (a.k.a fingerprints) look set to make Xi’s visit a bit more uncomfortable than it otherwise would have been, especially in light of comments he made in a speech in Seattle. Here’s Wired with more:
When hackers steal your password, you change it. When hackers steal your fingerprints, they’ve got an unchangeable credential that lets them spoof your identity for life. When they steal 5.6 million of those irrevocable biometric identifiers from U.S. federal employees—many with secret clearances—well, that’s very bad.
On Wednesday, the Office of Personnel Management admitted that the number of federal employees’ fingerprints compromised in the massive breach of its servers revealed over the summer has grown from 1.1 million to 5.6 million. OPM, which serves as a sort of human resources department for the federal government, didn’t respond to WIRED’s request for comment on who exactly those fingerprints belong to within the federal government. But OPM had previously confirmed that the data of 21.5 million federal employees was potentially compromised by the hack—which likely originated in China—and that those victims included intelligence and military employees with security clearances.
The revelation comes at a particularly ironic time: During the U.S. visit of Chinese president Xi Jinping, who said at a public appearance in Seattle that the Chinese government doesn’t condone hacking of U.S. targets, and pledged to partner with the U.S. to curb cybercrime.
The Rest…HERE
