ABC News Exclusive: 25 Million Affected by OPM Hack, Sources Say
ABC News(WASHINGTON) — The U.S. agency burglarized by suspected Chinese hackers has completed its long-awaited damage assessment: More than 25 million people inside and outside government likely had their personal information stolen, sources tell ABC News.
That number is more than six times larger than what the Office of Personnel Management announced a month ago when first acknowledging a major breach had occurred.
At the time, OPM only disclosed that the personnel records of 4.2 million current and former federal employees had been compromised.
But there was little doubt – at least privately – that the universe of victims was vastly bigger because the hackers had access to far more than personnel records, including files associated with background investigations and information on government workers’ families.
In fact, the hackers rummaged through various OPM databases for more than a year, and lawmakers and U.S. officials alike have described the breach as a significant threat to national security.
“It is a huge deal,” FBI Director James Comey told a Senate panel on Wednesday.
After media reports surfaced saying more than just personnel records were stolen, the Obama administration publicly maintained the theft of background-investigation files was a “separate incident” still under investigation.
Some U.S. officials and lawmakers believe that distinction – encompassing the same cyber-campaign – kept the full scope of the OPM breach hidden for weeks.
“I’m sure you will probably obfuscate, [but] when will the American people know … the extent of this penetration?” Sen. John McCain, R-Arizona, asked OPM Director Katherine Archuleta at a hearing on Capitol Hill two weeks ago.
Despite mounting public pressure and push-back from top FBI officials during closed-door briefings, senior OPM officials continued to say they couldn’t offer even an estimate until they determined exactly how many people were affected by the “separate but related incident.”
As part of a “time-consuming analysis,” investigators had to ensure they weren’t double-counting people whose personal information may have been stored in more than one system breached, Archuleta said two weeks ago.
Investigators ultimately determined that 19.7 million applicants for security clearances had their files stolen, and information related to nearly 2 million relatives and other associates had their personal information taken, sources said. That’s in addition to the 4.2 current and former government employees whose personnel files were compromised, sources said.
U.S. intelligence and law enforcement officials are particularly concerned over the theft of forms known as SF-86s that current and prospective federal workers, including certain military personnel, and even contractors submit for security clearances.
The forms require applicants to provide personal information not only about themselves but also relatives, friends, “associates” and foreign contacts spanning several years. The forms also ask applicants about past drug use, financial history, mental health history and personal relationships.
Such information could be exploited to pressure or trick employees and U.S. officials into further compromising their agencies, or they could provide ways for hackers to target people outside government, sources have told ABC News.
An OPM system known as “e-QIP” that allows applicants to submit SF-86s and other materials online remains suspended in the wake of the breach.
The attack on OPM began in late 2013, when hackers infiltrated the systems of a government contractor, KeyPoint Government Solutions, and stole the “credentials” of an employee, according to two days of testimony on Capitol Hill.
Sources suspect that was the start of an unprecedented cyber-campaign out of China to collect information on federal workers inside the United States and others around the world.
A major breach of OPM systems wasn’t detected until April, after OPM began implementing new cyber-security measures. That led investigators to realize the files associated with background investigations had been taken.
Copyright © 2015, ABC Radio. All rights reserved.