Giant OPM Data Hack Did Blow U.S. Spies’ Cover

images?q=tbn:ANd9GcSUZsj160Hptc_PF2SxWO-AhSci06s9nLoiMgli9wUPeHkr_G0sDw

US investigators fear that the identity of spies working undercover could be revealed by the cyber security breach, which was revealed last month and exposed the private information of more than 21 million people.
 
A data breach at the US Office of Personnel Management (OPM) could blow the cover of US spies working overseas, say US intelligence officials, who fear the information could be used by another state to determine the activities of US citizens working within its borders.  

US officials had sought to downplay the risks of US spies being uncovered by the data hack, which the OPM announced on June 4, when it promised to notify 4.1 million current and former federal employees whose records had been accessed.

Earlier this month the OPM disclosed the fuller extent of the breach, estimating that more than 21 million people had had some form of their data exposed in the hack, including more than 1.1 million fingerprint records.  

Social Security numbers, job assignments, performance ratings and the training information on employees and contractors were included in the accessed data, but agency officials have maintained that the personal data of intelligence officials was not kept in the database.

Though it is unclear if the personal information of US spies was held in the OPM database, it is feared that even if the spies' data has not been entered into the OPM records, as intelligence officials maintained, it is possible for those with access to the hacked records to nevertheless analyze the data and uncover American spies.

By comparing the list of federal employees with a list of people granted visas to work in US diplomatic posts, a common cover for US intelligence officers who are gathering information in a foreign state, the identity of spies could be deduced, since their names would be on the latter list, but not the former.

Though some US government officials and politicians have publicly attributed the attacks to hackers based in China, other US officials such as NSA chief Rogers have declined to allege that Chinese hackers are behind the attacks, and the Chinese government has rejected the claims, described as "irresponsible and counterproductive" by the Chinese Embassy in the United States.
 
"China, itself a major victim of cyber-attacks, has made it clear that it is against all forms of hacking attacks, and it believes that members of the international community need better communication and cooperation to address cyber security breaches," said the Chinese news agency Xinhua in the aftermath of the breach.

Sputnik

« Don't Make These IT Mistakes in Your Organisation
In The War of 2050, The Robots Call The Shots »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Quttera

Quttera

Quttera provides Website Security Solutions for Small & Medium Businesses, Enterprises and Organizations.

MyCERT

MyCERT

MyCERT is the National Computer Emergency Response Team of Malaysia.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

WWPass

WWPass

WWPass is a global cybersecurity company that provides password-less authentication and client-side encryption technology.

Omnipotech

Omnipotech

Omnipotech is a complete managed service provider. From desktop to datacenter, all the technology support you need, under one umbrella.

CyberNews

CyberNews

Cybernews.com is a research-based online publication that helps people navigate a safe path through their increasingly complex digital lives.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Narf Industries

Narf Industries

Narf Industries are a small group of reverse engineers, vulnerability researchers and tool developers that specialize in tailored solutions for government and large enterprises.

Rhymetec

Rhymetec

Rhymetec are an industry leader in cloud security, providing innovative cybersecurity and data privacy services to the modern-day SaaS business.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.

Lodestone

Lodestone

Lodestone partners with clients to help them mitigate business and reputational risk, through our human-based, approach to cyber security, digital forensics and incident response.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

Foresiet

Foresiet

Foresiet is the first platform to cover all of your digital risks, allowing enterprise to focus on the core business.

Aurascape AI

Aurascape AI

Aurascape is working on advanced cybersecurity solutions powered by grounds-up generative AI architecture.