Washington (CNN) The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management – more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to U.S. officials briefed on the investigation.
FBI Director James Comey gave the 18 million estimate in a closed-door briefing to Senators in recent weeks, using the OPM’s own internal data, according to U.S. officials briefed on the matter. Those affected could include people who applied for government jobs, but never actually ended up working for the government.
The same hackers who accessed OPM’s data are believed to have last year breached an OPM contractor, KeyPoint Government Solutions, U.S. officials said. When the OPM breach was discovered in April, investigators found that KeyPoint security credentials were used to breach the OPM system.
Some investigators believe that after that intrusion last year, OPM officials should have blocked all access from KeyPoint, and that doing so could have prevented more serious damage. But a person briefed on the investigation says OPM officials don’t believe such a move would have made a difference. That’s because the OPM breach is believed to have pre-dated the KeyPoint breach. Hackers are also believed to have built their own backdoor access to the OPM system, armed with high-level system administrator access to the system. One official called it the “keys to the kingdom.” KeyPoint did not respond to CNN’s request for comment.
via CNN
I certainly hope there are not many naive souls out there who think our government is in capable hands in damn near any arena. Not only does it invade privacy in untold and secret ways, regardless of the NSA ruling, it can’t even keep its own information technology from being invaded. Just how does the Fed expect to handle the compromising of private information of 18 million people?
Simple. It won’t. We’ll get some stupid offer for a security patch, maybe a Congressional or Senate hearing and promises from the usual blowhards, and then sit back and wait for the next breach. I have zero confidence in the OPM’s ability to “fix” the security problem. Even if they try to update their backup systems, backdoor codes and other ways hackers invade, by the time it’s implemented the hackers will have found other ways to gain access.
We can’t keep up with cyber crime. It may well become the ultimate weapon in bringing down the economy, worldwide investment commodities, banks and Federal Reserve, wiping out assets by the trillions.
It makes me afraid of losing my TSP account, which, I’m positive if it were stolen, I’d never get a penny back, a few modest CD’s, and postal retirement and annuities.
With interest rates for investing so low, the ol’ mattress is looking better all the time.
like the rest of the post office……their firewall was 3rd rate!
nice going !