The hackers responsible for breaching the Office of Personnel Management’s (OPM) database have potentially acquired more than double the four million files suggested in the estimate provided by OPM, the Associated Press reports.
"We believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of personnel data for every federal employee, every federal retiree, and up to one million former federal employees," J. David Cox, president of the American Federation of Government Employees, said.
Sen. Harry Reid (D., Nev.), the minority leader, has suggested that Chinese hackers were behind the massive security breach but did not say whether the Chinese government or independent Chinese hackers were responsible.
The AP reports:
Mike Rogers, the former chairman of the House intelligence committee, said last week that Chinese intelligence agencies have for some time been seeking to assemble a database of information about Americans. Those personal details can be used for blackmail, or also to shape bogus emails designed to appear legitimate while injecting spyware on the networks of government agencies or businesses Chinese hackers are trying to penetrate.
Hackers now have access to, among other information, over four million Social Security numbers.
"We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous," Cox said.
While the security lapse’s direct consequences are not yet clear, some have speculated that the Chinese could use this information to create profiles of "potential assets or targets," or simply blackmail victims of the breach.