OPM Revises Hack Details: 5.6m Fingerprints Compromised
In early June, the U.S. government revealed that four million federal employees were comprised as the result of a massive data breach at the Office of Personnel Management. It has since been suggested the number could be higher, and that the type of data grabbed (supposedly by Chinese hackers) was more extensive than originally reported. Today the OPM made a new update about the hack, revealing the hackers stole a few million more fingerprints than originally believed.
In a statement today, the Office of Personnel Management stated that 5.6 million people had their fingerprints swiped during the aforementioned hack. This is a considerably higher amount than the 1.1 million originally reported. This is only a fraction of the 21.5 million or so federal workers who were affected by the overall OPM breaches.
An investigation into the hack has been ongoing; the breach was first reported to the public earlier this year. The original OPM hack was followed up a short while later with the announcement of a second hack that targeted those who had applied for security clearances. Though the nation's government denies it, US officials have pointed toward China as the hack's source.
Those with compromised data will be sent notification letters via snail mail.
Fingerprint theft is a very big deal — while there may not be much hackers can do with it presently, technology is quickly changing in such a way that fingerprints are becoming an essential security measure. As security researchers have pointed out in past cases involving compromised biometrics, a stolen fingerprint is a useless fingerprint — while you can change your password if it becomes compromised, you can never erase your fingerprint and get a new one to replace it.
SOURCE: NBC News