ADVERTISEMENT

Office of Personnel Management: 21 Million Affected in Massive Data Breach

Office of Personnel Management Director Katherine Archuleta
Office of Personnel Management Director Katherine Archuleta / AP
July 9, 2015

Over 21 million individuals inside and outside the government fell victim to a hack supposedly carried out by Chinese sources, in addition to over four million current and former government employees whom the U.S. Office of Personnel Management disclosed had been compromised in a separate breach it acknowledged last month.

According to National Journal, OPM admitted Thursday that sensitive information accessed by hackers included Social Security numbers, fingerprint data and "residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details."

The government agency said in June that 4.2 million current and former government employees likely had their information stolen as a result of a separate hack.

"Throughout this investigation, OPM has been committed to providing information in a timely, transparent and accurate manner," OPM said in a statement Thursday after completing its anticipated damage assessment.

This hack, suspected to have originated in China, began in May 2014, meaning those responsible likely had access to OPM databases for about a year. OPM did not notice the breach until May of this year.

"If an individual underwent a background investigation through OPM in 2000 or afterwards ... it is highly likely that the individual is impacted by this cyber breach," OPM explained.

Among the agency's final conclusions, 19.7 million individuals applying for security clearances had personal information stolen. Approximately 2 million of their relatives and associates also had sensitive information lifted.

"It is a huge deal," FBI Director James Comey to admitted of the situation to a Senate panel Wednesday.

For affected parties, the government agency is currently offering "a comprehensive suite of monitoring and protection services."