It gets worse: ​Two Federal OPM hacks affected up to 18 million

UPDATED: In addition to current and former employees, it appears the records of people who had applied for government jobs were also revealed.

opm-building.jpg
The more we find out about the OPM hack, the worse it looks.

CNN is reporting that the personal data of 18 million current, former, and prospective federal employees was stolen in the cyberattack that targeted the Office of Personnel Management (OPM) hack.

Sources at other government agencies confirmed to ZDNet that more than 10 million personnel records were stolen.

FBI Director James Comey reportedly gave the 18 million estimate in a closed-door Senate briefing not long after the breach. In addition to current and former employees, it appears the records of people who had applied for government jobs were also revealed.

OPM Director Katherine Archuleta has since admitted that up to 18 million unique Social Security numbers were stolen as part of the cyberattack, though she cautioned that the numbers were unverified and preliminary. She made this statement in testimony to the House Oversight Committee.

The revelation does not come as much of a surprise.

J. David Cox, president of the American Federal of Government Employees (AFGE), which represents more than 670,000 federal employees, claimed that the hack was significantly worse than what the Obama administration first claimed.

Cox claimed "all personnel data for every federal employee, every federal retiree, and up to one million federal employees" was stolen. At the time, Cox also said Social Security numbers had been stolen in an unencrypted format, which he described as "absolutely indefensible and outrageous."

Since then, it's also been shown that the OPM badly mishandled its first efforts to protect employees identity and credit history. The OPM and its contractor, CSID, sent e-mails to staffers that made it possible for hackers to launch phishing attacks on them.

That said, as this story continues to unwind, the news only looks worse and worse both for how the OPM handled its internal security and for the federal employees whose records have been revealed.

Neither the FBI nor the OPM confirmed at the time of the original report that 18 million records were revealed. An FBI representative said, "As this remains an ongoing investigation, we are unable to provide any details on this matter at this time.

Related stories:

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All