Africa

Americas

Asia

Europe

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

Close
Menu
Hackers had access to US security clearance data for a year

Hackers had access to US security clearance data for a year

The government still hasn't said how much data it fears was stolen

Fred O'Connor (IDG News Service)
Comments
Privacy

Privacy

Hackers who breached a database containing highly personal information on government employees with security clearances had access to the system for about a year before being discovered, The Washington Post reported on Friday.

The breach at the U.S. Office of Personnel Management dates back to June or July last year and was only discovered earlier this month.

The database in question contains applications for security clearances, which ask for information on all aspects of a person's life including social security numbers, passport numbers, names of former neighbors, and information on family members. It also asks about, over the past seven years, any contact with foreign nationals and problems with drug or alcohol abuse, debts or bankruptcy, imprisonment and run-ins with law enforcement.

The OPM hasn't said how much data it believes was stolen, but the longer intruders have to explore a network, the more data they can access. With the year they had, there are fears the theft could be substantial.

It is the second major breach uncovered and made public at the government department in recent weeks. The first, which came to light in early June, involved OPM's database on federal employees and is thought to have resulted in the theft of data on as many as 4 million workers.

While a perpetrator hasn't been named, U.S. officials, speaking under the cloak of anonymity, have said they suspect the Chinese government of playing a role.

The Chinese government has denied the accusations.

The OPM essentially serves as the government's human resources department and handles functions like hiring and retaining staff and running background checks. The office has information that could be used to identify people, including financial data and details about employees' families. The breach also raised concerns that information on intelligence workers was exposed.

Fred O'Connor writes about IT careers and health IT for The IDG News Service. Follow Fred on Twitter at @fredjoconnor. Fred's e-mail address is fred_o'connor@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Office of Personnel Management

More about FredFred'sIDGNewsTwitter

Show Comments
[]