https://www.opm.gov/cybersecurity/
This happened maybe about a month ago, but new information seems to keep coming to light about this.
So basically, the Office of Personnel Management (OPM) is the department in the federal government which handles essentially human resources. For that reason, they store all of the records for federal employees in the US. Also, the PM handles background investigations for security clearances, which means that every single person that applies for a security clearance (which is a LOT of people) has to provide them with information. The type of information that you provide in a security clearance application is deeply personal. It includes personal information on family members, employment history, everywhere you've lived for the last X number of years, very personal financial information, and much more. Basically, everything the government could think of asking. Also, their records even include information on background investigations that the applicant isn't even privy to, from what I understand.
And about a month ago, it was revealed that some entity (whether it be a private individual or a country) managed to steal all of this data, on every security clearance applicant and federal government employee. This has a large number of serious ramifications. The government wants to know all of this information so that they can determine, essentially, what can be used to bribe or blackmail an applicant. A foreign government could use this information to determine exactly who to bribe and who to blackmail with what. And, apparently, they can target any government employee, at least any employee that is in the database. They also get a roadmap of the entire government, essentially.
What are your thoughts on this? Is it as bad a breach as it seems to be? Does this say anything broader about what this nation or the world needs to do about cyber security? As someone who has applied for a security clearance in the past through OPM, this is quite concerning to me, as my information was undoubtably also leaked.
This happened maybe about a month ago, but new information seems to keep coming to light about this.
So basically, the Office of Personnel Management (OPM) is the department in the federal government which handles essentially human resources. For that reason, they store all of the records for federal employees in the US. Also, the PM handles background investigations for security clearances, which means that every single person that applies for a security clearance (which is a LOT of people) has to provide them with information. The type of information that you provide in a security clearance application is deeply personal. It includes personal information on family members, employment history, everywhere you've lived for the last X number of years, very personal financial information, and much more. Basically, everything the government could think of asking. Also, their records even include information on background investigations that the applicant isn't even privy to, from what I understand.
And about a month ago, it was revealed that some entity (whether it be a private individual or a country) managed to steal all of this data, on every security clearance applicant and federal government employee. This has a large number of serious ramifications. The government wants to know all of this information so that they can determine, essentially, what can be used to bribe or blackmail an applicant. A foreign government could use this information to determine exactly who to bribe and who to blackmail with what. And, apparently, they can target any government employee, at least any employee that is in the database. They also get a roadmap of the entire government, essentially.
What are your thoughts on this? Is it as bad a breach as it seems to be? Does this say anything broader about what this nation or the world needs to do about cyber security? As someone who has applied for a security clearance in the past through OPM, this is quite concerning to me, as my information was undoubtably also leaked.
