Security clearance hack stretches back full year


Office of Personnel Management (OPM) officials acknowledged late Thursday that a data breach exposing security clearance data occurred a full year ago, The Washington Post reported.

The revelation means hackers spent a full year in the OPM networks without being discovered, giving them considerable time to pilfer as much data as they wanted.


"If somebody was in last year and they had that much time ... then the odds are that they have a huge cache and have really taken all the crown jewels in that system," Tony Cole, global government chief technical officer for security firm FireEye, told The Hill.

The OPM’s inability to uncover the malicious actors will also likely generate new rounds of criticism of the already embattled agency and its director, Katherine Archuleta.

The infiltration is the second major hack the OPM has uncovered in recent months. Officials announced in early June that an intrusion discovered in April had put 4.2 million federal workers’ information, including Social Security numbers, at risk.

While examining that compromise, investigators found evidence that hackers had also gained access to the agency’s security clearance computer system.

Officials informed the public a week ago of the second breach, revealing that military and intelligence community personnel were likely affected. But they did not speculate as to when the digital invaders had entered the system. Lawmakers said this week they had also not yet been informed of a timeline.

The infiltrated system also includes private data on workers’ families and financial records. Government contractors were in the database as well, officials confirmed Thursday.

But how many people in total are at risk from the security clearance breach is still unclear, the OPM said.

Many expect the total number of people affected by the OPM breaches to rise to 14 million.

Officials have said privately they believe Chinese hackers are behind the digital theft. It’s thought the cyberattacks are part of a larger scheme to gather a comprehensive database on government workers. The mammoth cyber thefts of over 90 million people’s information from health insurers Anthem and Premera Blue Cross are thought to be part of the campaign as well.

Such an exhaustive portfolio could be used for many types of digital exploitation, blackmail or even to recruit informants, according to security experts.

Capitol Hill has roundly bashed the OPM for failing to address its security deficiencies and for poorly managing the fallout from the hacks.

Lawmakers were frustrated with Archuleta’s performance during a House Oversight and Government Reform Committee hearing earlier this week and feel the agency has been occluding information on the attacks.

“I haven’t gotten a good briefing on it yet,” Senate Homeland Security and Governmental Affairs Committee Chairman Ron Johnson (R-Wis.) told reporters Thursday. “They’re just not giving us much information.”

Rep. Jason Chaffetz (R-Utah), who chairs the Oversight panel, has been leading the charge calling for Archuleta’s resignation.

Archuleta and the agency have defended their security strategy, arguing the hacks were only uncovered because of an aggressive campaign to modernize a woefully outdated system, parts of which date back to 1985.