Lisa Rein writes in the Washington Post that a new government review of what the Chinese hack of sensitive security clearance files of 21 million people means for national security is in — and some of the implications are quite grave. According to the Congressional Research Service, covert intelligence officers and their operations could be exposed and high-resolution fingerprints could be copied by criminals. Some suspect that the Chinese government may build a database of U.S. government employees that could help identify U.S. officials and their roles or that could help target individuals to gain access to additional systems or information. National security concerns include whether hackers could have obtained information that could help them identify clandestine and covert officers and operations (PDF).
CRS says that if the fingerprints in the background investigation files are of high enough quality, "depending on whose hands the fingerprints come into, they could be used for criminal or counterintelligence purposes." Fingerprints also could be trafficked on the black market for profit — or used to blow the covers of spies and other covert and clandestine officers, the research service found. And if they're compromised, fingerprints can't be reissued like a new credit card, the report says, making "recovery from the breach more challenging for some."
(Score: 0) by Anonymous Coward on Thursday July 30 2015, @01:25PM
The Chinese (or whoever; it could have been a 14 year old in Milwaukee for all the proof they have) have done more to monkey-wrench the American security state than Snowden, the EFF, and Chelsea combined.
(Score: 1) by miljo on Thursday July 30 2015, @01:54PM
The Chinese...have done more to monkey-wrench the American security state than Snowden, the EFF, and Chelsea combined.
But we won't admit that because we don't have a Bad Guy™, and we won't retaliate against the biggest holder of US Debt and our Strategic Trade Partner. We'll consider "sanctions" however. :^/
http://www.usnews.com/news/articles/2015/06/15/obama-considers-sanctions-after-opm-breach [usnews.com]
I genuinely feel bad for all of the folks who are trying to eek out a living as civil servants and had their information compromised.
One should strive to achieve, not sit in bitter regret.
(Score: 2) by zafiro17 on Thursday July 30 2015, @06:07PM
Thank you sir, I accept your pity, as I am a victim. I'm not too focused on who has done this (and I'm not beyond believing that my government would do the same thing to Chinese govt employees if given the chance - that's the way espionage works). But what the hell, I worked for the USG for nearly twenty years, and had a security clearance and the whole shebang. They've now got my kids' names, my fingerprints, a record of every place I ever worked or lived, and the contact info for dozens and dozens of people who could vouch for me.
It would be a piece of cake for someone to get a credit card application with the info that got stolen. It wouldn't be a surprise if I get pulled off line at the security section of the airport because somebody did something in my name, or tried to forge a passport with my info, or some crap like that.
So what happens now is like cancer: you just try to live your life, hoping bad things don't happen. Because other than obvious stuff there's not a whole lot you can do - the info is out there in the public, it's not your fault, and while awful stuff could happen to you and your family, there's nothing you can really do.
So, thanks for the pity. It's about all I've gotten. And the USG has given me exactly fuck-all. I'm trying to remember now, they may not even have informed me officially - I had to learn about it on the television, like everyone else.
Dad always thought laughter was the best medicine, which I guess is why several of us died of tuberculosis - Jack Handey
(Score: 2) by tibman on Thursday July 30 2015, @06:28PM
From the OPM website they haven't even begun to send notifications to the 21 million: https://www.opm.gov/cybersecurity/ [opm.gov]
SN won't survive on lurkers alone. Write comments.