If they can't keep their secret information secret, how will they do with yours?
<img src="http://www.forensicmag.com/sites/forensicmag.com/files/Stolen_Security_C... align="right">In a second Office of Personnel Management data breach revelation, it was discovered that deeply personal information submitted by U.S. intelligence and military personnel for security clearances — including mental illnesses, drug and alcohol use, past arrests, bankruptcies, affairs and more — was stolen by hackers linked to China, The Associated Press reports.
![http://www.forensicmag.com/sites/forensicmag.com/files/Stolen_Security_C...](http://www.forensicmag.com/sites/forensicmag.com/files/Stolen_Security_Clearance_Information_Potential_Blackmail.jpg"){kind=link}
The cyber breach of federal records, dramatically worse than the first acknowledged a week prior, involved Standard Form 86, which applicants are required to complete, according to authorities who spoke to AP.
Those applying for security clearance must also list contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of anyone living with them are required.
<!--break-->
The White House said in a statement Friday that investigators concluded there was "a high degree of confidence that ... systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated."
U.S. government officials and cyber analysts say Chinese hackers are using high-tech tactics to build massive databases that could be used for traditional espionage, such as recruiting spies, or gaining access to secure data on other networks, Reuters reports.
One official told Reuters the stolen information would enable an intelligence service to chart out relationships among U.S. government employees and build pictures of individuals and their families, potentially enabling them to figure out ways to target or blackmail people for espionage purposes.
Reuters also reported on one such potential blackmail scenario. A retired 51-year-old military man disclosed in a U.S. security clearance application that he had a 20-year affair with his former college roommate's wife. This situation was resolved; other situations might not be so lucky.
Reacting to the two major breaches of federal networks, the White House late Friday launched an attempt to fight back, according to The Washington Times. A 30-day program designed to beef up cybersecurity protocol across government, dubbed the “30-day Cybersecurity Sprint,” calls on agencies to take specific steps over the next month to better protect sensitive information and make it more difficult for hackers to gain access to federal systems.
See http://www.forensicmag.com/articles/2015/06/stolen-security-clearance-in...
- Log in to post comments