Posted on 06/12/2015 8:18:27 PM PDT by kristinn
Hackers have breached a database containing a wealth of sensitive information from federal employees’ security background checks, the Obama administration said Friday — news that experts say could deal a devastating blow to U.S. intelligence gathering.
The revelations came just a week after officials disclosed a previous massive cyber intrusion into the same federal personnel office, compromising records of more than 4 million current and past employees in a breach that administration officials have privately blamed on Chinese hackers.
The stolen records in the hack disclosed Friday included data on intelligence and military personnel, The Associated Press reported. A senior administration official would not confirm that information but confirmed that the breach occurred at the Office of Personnel Management.
The hackers are believed to have obtained data from a security intake form known as a Standard Form-86, which includes details such as financial trouble, past convictions, drug use and close relationships with citizens of other countries. The form is used for background checks of current, former and prospective federal employees.
“This is crown jewels material … a gold mine for a foreign intelligence service,” said Joel Brenner, a former NSA senior counsel.
The SF-86 breach could have dire consequences for U.S. intelligence gathering, former officials said, noting that it would make it extremely difficult for anyone inside the database to ever work in a covert capacity. For example, that would include someone employed by the State or Agriculture departments who gathers intelligence for the Defense Intelligence Agency. “This is not the end of American human intelligence, but it’s a significant blow,” Brenner said.
As of October, 4.5 million Americans were cleared for access to classified information, including approximately a million contractors.
And because the SF-86s are stored in an indexed database, that database could also be combed for secrets, said Robert Caruso, a former Navy special security officer who has worked in security at the State and Defense departments. For example, Chinese agents could search the database for instances when agents with NSA covers were in the same place at the same time and make reasonable deductions about what they were doing there.
Brenner and Caruso both said it’s likely that clearance forms from the Defense Department and its related intelligence agencies, including NSA and the Defense Intelligence Agency, could be accessed through OPM. It’s much less likely that CIA employee clearance information was accessed that way because the CIA has traditionally insisted on managing its own personnel information.
“CIA refuses to put its people’s information in with OPM, and of course they’re right,” Brenner said. One lesson to draw from the breach, he said, is that “any serious clandestine agency has to be in charge of its own personnel information. Full stop.”
Investigators became aware of this second breach of the OPM’s systems as they pursued a previously disclosed breach into an unencrypted system holding personnel files of as many as 4.2 million current and past federal employees. That information included Social Security numbers, as well as names, addresses, pay grades, personnel actions and pension, insurance and health plan details.
The administration official said the relevant federal agencies received notification of the latest hack on Monday. “We expect OPM will conduct additional notifications as necessary,” the official said in a statement.
SNIP
Holy crap. If they got electronic info, they cracked the e-QIP database. Oy...
Now can we shoot them?
We’ve been hearing about various hacks by the Russians and Chinese for the last few years. We’re being conditioned. If we wake up one morning to a worthless dollar it would be easy to blame them. That’s probably cause for war, huh?
Everyone except the CIA... makes one wonder if the CIA did the hacking.
Interesting.... wouldn’t this then increase the likelihood that future appointees requiring security clearances, etc., at least up to those youngsters coming on board after the breach, be only CIA, as all others have been conveniently compromised?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.