Giant OPM Data Hack Did Blow U.S. Spies’ Cover

Uploaded on 2015-07-30 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

images?q=tbn:ANd9GcSUZsj160Hptc_PF2SxWO-AhSci06s9nLoiMgli9wUPeHkr_G0sDw

US investigators fear that the identity of spies working undercover could be revealed by the cyber security breach, which was revealed last month and exposed the private information of more than 21 million people.
 
A data breach at the US Office of Personnel Management (OPM) could blow the cover of US spies working overseas, say US intelligence officials, who fear the information could be used by another state to determine the activities of US citizens working within its borders.  

US officials had sought to downplay the risks of US spies being uncovered by the data hack, which the OPM announced on June 4, when it promised to notify 4.1 million current and former federal employees whose records had been accessed.

Earlier this month the OPM disclosed the fuller extent of the breach, estimating that more than 21 million people had had some form of their data exposed in the hack, including more than 1.1 million fingerprint records.  

Social Security numbers, job assignments, performance ratings and the training information on employees and contractors were included in the accessed data, but agency officials have maintained that the personal data of intelligence officials was not kept in the database.

Though it is unclear if the personal information of US spies was held in the OPM database, it is feared that even if the spies' data has not been entered into the OPM records, as intelligence officials maintained, it is possible for those with access to the hacked records to nevertheless analyze the data and uncover American spies.

By comparing the list of federal employees with a list of people granted visas to work in US diplomatic posts, a common cover for US intelligence officers who are gathering information in a foreign state, the identity of spies could be deduced, since their names would be on the latter list, but not the former.

Though some US government officials and politicians have publicly attributed the attacks to hackers based in China, other US officials such as NSA chief Rogers have declined to allege that Chinese hackers are behind the attacks, and the Chinese government has rejected the claims, described as "irresponsible and counterproductive" by the Chinese Embassy in the United States.
 
"China, itself a major victim of cyber-attacks, has made it clear that it is against all forms of hacking attacks, and it believes that members of the international community need better communication and cooperation to address cyber security breaches," said the Chinese news agency Xinhua in the aftermath of the breach.

Sputnik

« Don't Make These IT Mistakes in Your Organisation
In The War of 2050, The Robots Call The Shots »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Information Security Systems (ISSCOM)

Information Security Systems (ISSCOM)

ISSCOM provide services to help companies implement Information Security Management Systems (ISMS) by providing consultancy and hands-on assistance.

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

Homeland Security Advanced Research Projects Agency (HSARPA)

Homeland Security Advanced Research Projects Agency (HSARPA)

HSARPA's Cyber Security Division (CSD) was set up to address DHS cyber operational and critical infrastructure protection requirements.

CompliancePoint

CompliancePoint

We design and implement strategies, processes & procedures to mitigate risk, reach compliance goals, protect data assets, and meet industry standards.

HorizonIQ

HorizonIQ

HorizonIQ (formerly Internap Corp / INAP) maximizes efficiency and innovation with flexible infrastructure solutions.

TOAE Security

TOAE Security

TOAE Security is a trusted cyber security consulting partner helping today's leading organizations protect their most important assets from evolving cyber threats.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

PureSquare

PureSquare

PureSquare exist to empower people with simple solutions for their increasingly complex digital security & online privacy needs.

V2X

V2X

V2X delivers IT support, networking, and cybersecurity solutions that ensure optimal mission support and performance.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Fingerprints

Fingerprints

Fingerprints is the world-leading biometrics company. Our solutions are found in millions of devices providing safe and convenient identification and authentication with a human touch.

StrongDM

StrongDM

StrongDM is the leader in Zero Trust Privileged Access Management (PAM).

Atumcell

Atumcell

Atumcell’s targeted risk assessment exposes emerging threats before they cause harm.