Posted on 06/11/2015 7:02:35 PM PDT by 2ndDivisionVet
A hack announced last week affected all current and retired federal employees, and hackers got their hands on much more personal information than previously announced, the American Federation of Government Employees said Thursday.
A December breach of government systems containing personal information of millions of federal employees was worse than originally thought.
A union of federal workers said Thursday that the attack, announced last week, had stolen confidential information of every single federal employee, past or present -- far more than was previously revealed. The government disputes those claims.
It's the latest in a spree of damaging hacks against the government, including an attack in March 2014 that also involved federal employee records.
Hackers acting in the name of a political agenda, and those paid by other countries, have stepped up their efforts to breach U.S. government systems for a variety of reasons. In some cases, they've hoped to embarrass President Barack Obama's administration, and in others they've made statements about the US military. Successful attacks include a group that breached the CIA's public website, another that took control of the US military's Twitter feed, and a group that successfully intercepted the president's emails.
In this case, if the union is correct, the hack would be the first to affect every employee of any organization or company.
The union's allegations come a few months after Obama promised the federal government would work with companies to protect people from hacks and identity theft. Obama's administration has since blamed Chinese hackers for the breach of federal employee information.
"We believe that hackers are have every affected person's Social Security number, military records and veterans' status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; age, gender, race, union status, and more," American Federation of Government Employees President J. David Cox wrote in a letter to the US Office of Personnel Management. Worse, he wrote the Social Security numbers of employees don't appear to have been protected with encryption algorithms, a standard security measure for sensitive information. Cox called the lack of adequate security controls "absolutely indefensible and outrageous."
Jackie Koszczuk, a spokeswoman for the Office of Personnel Management, said in the Associated Press report that every current and retired federal employee's records were compromised was not correct.
The letter was first obtained by the Associated Press.
The attack was first revealed last week, when the government said the personal information of 4 million federal workers had been breached. The union said it believes "the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees," Cox wrote.
The government has pledged to notify each affected employee of the hack and offer services to help counter any abuse of their information.
Think you could be a bit more helpful?
Wonder how far it goes back?
The hack also includes all their security clearance documentation. If this is true, it is a national security nightmare.
NSA Employees are prolly “Up Front and Center”
Sorry my tears are used up by other issues
TT
(Hillary and the IRS have drained me of every tear)
We were FIRST
When I heard this on the news, I heard myself laugh out loud.
You know that line in the movies: “We know where your family lives?” All the information that the bad guys use to extort the good guys?
This breech is it.
One report on the news tonight said a “source” told them that Congressional and Executive aides were not included, and that some of the intelligence community were.
“The government has pledged to notify each affected employee of the hack and offer services to help counter any abuse of their information.”
Ha ha ha ha hah hah HAH ha ha hohohoo! “Trust us!” Har!!
The “help” in “countering the abuse” is probably the same firm that designed that hilarious Obamacare website. Or something similar.
My firm’s identity theft component is rated #1, which is why I’d bet $100 we’re not the one they are providing. LOL
I think the Chinese are looking for spies, or for people who could become spies. That’s why I’m not convinced that identity theft protection is going to be useful in this case.
A persons name.
Where they live.
What Department/agency they work for
What job they do there
What level security clearance they hold
If EQIP is included all the information on their security clearance paperwork. So family members names and info, financial info, where they went to school, things like past arrests, etc.
So the ChiComs can very narrowly target potential assets, develop profiles on them, find weak points to use to develop (either through extortion and/or incentives) to develop them AS assets.
In a completely proactive manner. Think of all the convicted spies (Walkers, Hansen, Ames) who were the ones who initiated the contact. Basically fell into the laps of the Soviets. The ChiComs don’t need to rely on that, with this they can develop assets through active outreach methods.
That "we" included federal employees, too. The NSA's like a nuke, it doesn't care if you're civilian, military, or govt. employee, you're going to be caught up in it.
Those folks may be hired personally by the congress and certain executives may as well. That could be correct, as they would likely not have gone through OPM.
The "help" is in providing for credit monitoring for a limited period of time.
Information Security is an illusion. Unless you exist completely off the grid and pay for everything in cash, your information is out there and it is vulnerable. In fact, there is a good chance a hacker already has it. IMO, Identity Theft Protection and Identity Theft Insurance are need to haves.
I work in IT Operations and our network and systems are under attack 7x24x365. 90% of the malicious traffic comes from China and Russia.
“The government has pledged to notify each affected employee of the hack and offer services to help counter any abuse of their information.”
Oh really? Somehow I knew they’d get preferential treatment. When identity theft happens to Joe Schmo, you’re on your own, Buddy. You have to prove your innocence without any compassion whatsoever. And absolutely no information. Recently happened to me ..my SS# was used to collect government assistance. Long story short, no help in figuring out how, why, when, and a real stink of a “too bad” attitude. I hope they are squirming, and the ones who deserve it get it back in spades.
It’s not preferential treatment. Commercial companies also offer free credit monitoring for one year as SOP when they admit to getting hacked.
However, this hack compromises cleared employees more than you apparently understand. It’s not about ID theft at all.
Thanks - makes sense....
Why the arrogance? do all 14 million hacked understand what it is all about?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.