Second OPM Hack Revealed: Even Worse Than The First

from the the-federal-government,-ladies-and-gentlemen dept

Oh great. So after we learned late yesterday that the hack of all sorts of data from the federal government's Office of Personnel Management (OPM) was likely much worse than originally believed -- including leaking all Social Security numbers unencrypted -- and that the so-called cybersecurity "experts" within the government weren't even the ones who discovered the hack, things are looking even worse. That's because, late today, it was revealed that there was likely a separate hack, also by Chinese state actors, accessing even more sensitive information:
The forms authorities believed may have been stolen en masse, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of his or her cohabitant is required.

In a statement, the White House said that on June 8, investigators concluded there was "a high degree of confidence that ... systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated."

"This tells the Chinese the identities of almost everybody who has got a United States security clearance," said Joel Brenner, a former top U.S. counterintelligence official. "That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That's a gold mine. It helps you approach and recruit spies."
And yet... this is the same federal government telling us that it wants more access to everyone else's data to "protect" us from "cybersecurity threats" -- and that encryption is bad? Yikes.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: china, hack, leak, opm, security clearance, sf-86, sf86


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    That One Guy (profile), 12 Jun 2015 @ 6:29pm

    Worrisome, but not surprising

    Make the target valuable enough, and it's not 'if', but 'when' it will be hacked.

    This should be held up as a perfect example of why it's a terrible idea to engage in mass spying and data collection, because even if the ones doing it never use the information themselves, such a database is an extremely tempting target for anyone, government or otherwise, who believes that the data is valuable.

    If the database exists, it will be hacked, it's only a matter of time, meaning it's better to never create it in the first place.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 12 Jun 2015 @ 6:42pm

    doomed i tell you, we're all doomed

    link to this | view in thread ]

  3. identicon
    Anonymous Anonymous Coward, 12 Jun 2015 @ 6:53pm

    Jealousy Personified

    The NSA brass took a look at what Standard Form 86 looks like and asked the head data collector "Why don't we have that kind of data?"

    link to this | view in thread ]

  4. identicon
    FM Hilton, 12 Jun 2015 @ 6:54pm

    The question arises

    If the Chinese are stealing our personal information, why are we still on diplomatic terms with them?

    They've stolen the top level personal information of our government and now the Chinese know all about their life problems.

    I smell blackmail in the air.

    I just wonder how stupid the government really is. They just admitted their entire personnel files are now in the possession of a semi-hostile country.

    Data that was not encrypted, due to utter stupidity and belief that they would be able to prevent/stop such events with the usual derring do. They failed this one miserably.

    Also the same government that has been trying to blackmail/cajole Microsoft and other big computer companies to allow them a backdoor into the systems, and forbidding encryption.

    Looks like the government now needs "Life Lock".

    link to this | view in thread ]

  5. icon
    ChurchHatesTucker (profile), 12 Jun 2015 @ 6:55pm

    Re: Worrisome, but not surprising

    But if you *do* create it, some encryption might come in handy.

    Just saying...

    link to this | view in thread ]

  6. identicon
    Capt ICE Enforcer, 12 Jun 2015 @ 6:56pm

    Hate it

    Okay, now I am beyond mad, 20 years in doing things for my nation and they did stupid mistakes like this. And the kicker, they plan to offer free ID protection for a year to cover this. The SF 86 is a complete record of everything with the exception of what the individual ate for dinner last night. I can honestly say I am scared for my family. Now I need to recreate everything using BS answers to security questions.. I think a suitable answer for all security questions would be IH8UGOVOPMAHOLES

    link to this | view in thread ]

  7. identicon
    Capt ICE Enforcer, 12 Jun 2015 @ 7:11pm

    Government Agency

    If only the US had an agency that's sole purpose was to find ways to defend our nation from cyber attacks by creating super sophisticated encryption which is easy to use with multiple levels of protection. You know, an organization which would not only prevent Whitehouse.gov from being hacked, but also prevent all networks from being hit. Hmm what would we call it, National Protection Agency NPA. Nah, what about National Security Agency NSA. It has a nice ring to it.

    link to this | view in thread ]

  8. icon
    Doug (profile), 12 Jun 2015 @ 7:14pm

    Encryption anyone

    Seems like the war on encryption ought to be over now. Encryption would have helped in this case. The gov't can't very well now argue that only criminals need encryption. All you have to do is say, "What, you don't like encryption? What about OPM? ... Thought so."

    Whoever didn't encrypt this data was negligent at a minimum. Gov't being what it is, no one will be fired...

    link to this | view in thread ]

  9. icon
    s (profile), 12 Jun 2015 @ 7:15pm

    Re: Hate it

    IH8UGOVOPMAHOLES


    Don't forget lowercase and special characters. In this case, a couple of well-placed exclamation marks might just be what's called for! ;)

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 12 Jun 2015 @ 7:17pm

    So is it just the government claiming China did it? At this point I wouldn't even believe them if they said that NSA did it on WH orders.

    link to this | view in thread ]

  11. identicon
    Capt ICE Enforcer, 12 Jun 2015 @ 7:23pm

    Cost vs benefit program.

    Let's weigh the cost vs benefits of having the NSA around.
    NSA- Helped destroy the world's view on the US being a great nation. Ticked off everyone on the planet with the exception of the guy living under the rock in the GEICO commercial. And cost a lot of money each year to operate even though people are going hungry in the streets.
    $60 Security program- Found major security violation and malware on the span of a 30 minute sales demo. Did not possible off the entire planet. And can back up everything it does in a clear manner. Looks like the NSA needs to shut down.

    link to this | view in thread ]

  12. identicon
    Capt ICE Enforcer, 12 Jun 2015 @ 7:23pm

    Cost vs benefit program.

    Let's weigh the cost vs benefits of having the NSA around.
    NSA- Helped destroy the world's view on the US being a great nation. Ticked off everyone on the planet with the exception of the guy living under the rock in the GEICO commercial. And cost a lot of money each year to operate even though people are going hungry in the streets.
    $60 Security program- Found major security violation and malware on the span of a 30 minute sales demo. Did not possible off the entire planet. And can back up everything it does in a clear manner. Looks like the NSA needs to shut down.

    link to this | view in thread ]

  13. identicon
    Capt ICE Enforcer, 12 Jun 2015 @ 7:26pm

    Re: Re: Hate it

    I know, but whenever I type a sophisticated password, the NSA which hacked my phone automatically corrects it to be weaker.

    link to this | view in thread ]

  14. icon
    wazmo (profile), 12 Jun 2015 @ 7:51pm

    And one of the roles that the NSA is supposed to perform for the US Government is 'Information Assurance':

    https://www.nsa.gov/ia/ia_at_nsa/index.shtml

    "NSA's Information Assurance Directorate (IAD) protects and defends National Security Information and Information Systems, in accordance with National Security Directive 42. National Security Systems are defined as systems that handle classified information or information otherwise critical to military or intelligence activities.

    IAD is responsible for NSA's defensive mission and is widely acknowledged for leading innovative security solutions. Partnering extensively with government, industry, and academia, allows IAD to ensure appropriate security solutions are in place to protect and defend information systems, as well as our Nation’s critical infrastructure. IAD's work is guided by its vision to create "Confidence in Cyberspace."

    Seems to me that it's high time we drag the current and former heads of the NSA before Congress and ask them how this happened on their watch. Of course, like what happened with the financial crises, bringing anything into the public sphere would be tantamount to being 'too big to fail'

    Uh, guess what just happened......

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 12 Jun 2015 @ 8:15pm

    One more reason to screen my phone calls:

    "This is the IRS, if we do not receive payment within the next 30 minutes, we will send someone to your house to arrest you..."

    "Our son was killed in Afghanistan/Iraq and we need to pay for funeral costs. The government isn't helping us. Would you please donate some money?"

    "You have won $1,000,000!!! Just wire us $1,500 from your bank account to cover the processing fees and the money will be delivered!"

    "Hello, this is Chinese Intelligence. Have you thought about the lucrative business of trading government secrets?"

    link to this | view in thread ]

  16. identicon
    Ken Hamer, 12 Jun 2015 @ 9:05pm

    So isn't it about time someone asked Mitch McConnell why he wants to make it easier for the Chinese government to steal US secrets?

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 12 Jun 2015 @ 9:13pm

    I wonder how long before we start hearing about people in foreign countries being arrested and tried as spies, courtesy of the Chinese. Be curious if anyone in charge of the security for this happened to receive a large cash payoff in their bank accounts prior.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Jun 2015 @ 9:48pm

    Re: The question arises

    "If the Chinese are stealing our personal information, why are we still on diplomatic terms with them?"

    Because high-level U.S. and Chinese politicians belong to the same club. They're basically the same, just with different names.

    link to this | view in thread ]

  19. icon
    JoeCool (profile), 12 Jun 2015 @ 9:53pm

    Re: Re: Worrisome, but not surprising

    The REAL question is - why the hell is this even on the net in the first place?!?!?! You don't take databases with the most sensitive info and place them on the open net. Basic Security 101. At least make the fuckers have to send a spy in person to infiltrate the facilities - hasn't decades of James Bond movies taught them anything?

    link to this | view in thread ]

  20. identicon
    Stephen, 12 Jun 2015 @ 9:53pm

    OPM Managers Need Lessons in Online Security 101

    This is in an unmitigated disaster for the US.

    Putting all that sensitive data on a computer connected to the Internet was a bad idea from the get-go and those in charge should have realised that from the beginning. If nothing else the very act of putting it online meant that they were painting a large red target on that data, daring hackers to have a go at breaching security and exfiltrating it. Which, thanks in part to pitiful security, they not only succeeded in doing, but were able to get away withOUT detection until pure chance and a product demo exposed them.

    At the very least somebody needs to get fired fcr this, although chances are it will be some poor schmuck at the coaslface end rather than those higher-ups whose decisions (or lack thereof) led to this fiasco.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 12 Jun 2015 @ 10:07pm

    Re: The question arises

    "[...] why are we still on diplomatic terms with them?"

    This is how the intelligence game is played. Back in the day, it would have involved someone going in and physically photographing or copying files. Nobody's going to war or breaking off relations due to something like this, because I can tell you with perfect certainty that everyone involved in international espionage/politics is pulling the same shit. The only real shame on that field is getting caught red-handed with enough evidence for a courtroom. And even then the worst that really happens (publicly, anyway) is the international equivalent of name-calling or a few agents getting tossed in the clink.

    link to this | view in thread ]

  22. icon
    Robert Freetard (profile), 13 Jun 2015 @ 1:01am

    I am aghast.

    Can anyone tell me why data this sensitive was not stored encrypted?

    Does the US government not have an IT department?

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 13 Jun 2015 @ 1:07am

    Well, thats what you get when your government is full of delusional corrupt idiots.

    link to this | view in thread ]

  24. icon
    MadAsASnake (profile), 13 Jun 2015 @ 2:09am

    You would think there was a lesson here for the US gov:
    1. You can hardly blame the Chinese [if it was them] when NSA is doing same
    2. There is no excuse for not securing deeply personal info in your possession. Businesses are required by law to do that. Encrypt the data, air gap the really sensitive stuff
    3. Breaking that encryption for your own purposes pretty much invalidates 2. Encryption is useless if it has a back door.
    Unfortunately the response to this will be nothing but red faced silence. What should really happen now is that the US get rid of all the intelligence staff compromised (this is a way bigger risk than Snowden) and start again. This lot are so corrupt, that is probably a good idea anyway.

    link to this | view in thread ]

  25. icon
    Tobias Harms (profile), 13 Jun 2015 @ 2:58am

    Re: Worrisome, but not surprising

    Time to take a page from terrorists book and create some sort of cells for databases? The whole database wouldn't be compromised just because a part of it was.
    Now how the heck you would go around building a database like that I'll leave as an exercise for the reader :)

    link to this | view in thread ]

  26. icon
    Starke (profile), 13 Jun 2015 @ 3:33am

    Re: Re: Re: Worrisome, but not surprising

    They probably put the database online because... well, it's the Federal government.

    The database was originally created to be used, so while sticking it behind an air gap would have been the smart thing to do, but not the useful option.

    It was also probably created because the government has a pathological need to retain any information it ever obtains.

    As for exactly how it ended up online? The people actually getting paid for implementing it either picked a simple standard online database setup to allow access from anyone who should be throwing data at it. Or the people overseeing it's creation were easily wowed by the prospect of the database being available to their people nation wide, without any thought to security because they weren't techs, just administrators with no real understanding of network security.

    You know, the same kinds of people that just say, "well, our people are smart so encryption golden keys are the way to go. Because, we need to see what other people are doing, and our people can figure out a way to keep everyone else out."

    link to this | view in thread ]

  27. identicon
    Anonymous Coward, 13 Jun 2015 @ 3:34am

    Re: The question arises

    The US is so in debt to China that the Chinese practically own it now. You could say that the Chinese are just keeping tabs on their investment.

    link to this | view in thread ]

  28. identicon
    Common knowledge, 13 Jun 2015 @ 6:50am

    Re: I am aghast.

    It was outsourced to China.

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 13 Jun 2015 @ 6:53am

    Looks like everyone's been doxed. Oh well, it seems like everyone's personal information is already on the Internet these days so what difference does it make anymore.

    link to this | view in thread ]

  30. identicon
    Anonymous Coward, 13 Jun 2015 @ 7:00am

    Re: Encryption anyone

    "The gov't can't very well now argue that only criminals need encryption."

    The government doesn't really care about your privacy. Only its own, not because of anything resembling national security but only because it doesn't want to get embarrassed.

    link to this | view in thread ]

  31. icon
    Watchit (profile), 13 Jun 2015 @ 8:52am

    Fuck, I've had to get government security clearance before for a job, that means the Chinese have my info now...

    link to this | view in thread ]

  32. icon
    That One Guy (profile), 13 Jun 2015 @ 10:38am

    Re:

    I'm sure it's not a big deal, after all, 'If you're not doing something wrong, you have nothing to hide', and of course we can't forget that the data was being held by a third party, so there was no real expectation of privacy anyway.

    link to this | view in thread ]

  33. icon
    seedeevee (profile), 13 Jun 2015 @ 10:43am

    NSA/Israel not China

    All roads lead to the Whitehouse.

    No evidence of Chinese = evidence of NSA probability

    Not really, but c'mon, it's the NSA and it's friends (Israel) doing this spying.

    link to this | view in thread ]

  34. icon
    Gary Mont (profile), 13 Jun 2015 @ 11:13am

    Learning from the Pros

    Gotta love the Chinese resilience.

    Having been hacked and blackmailed by the US spy agencies for years, they have finally turned the tables and joined The Five Eyes Blackmail Game, by learning how to blackmail the Five Eyes' member nation's spies themselves.

    I guess the leaders of the Five Eyes thought that they could secretly survey and blackmail the world and the world would just obey them and bend over, and not try and protect itself from them. They didn't even bother to secure their own data because they think the rest of the world is composed of lesser beings.

    What a bunch of self-important, arrogant, morons.

    The leaders of the Five Eyes have opened a can of worms they are definitely not going to like, as they have forced the world to fight back against the monster - to fight fire with fire and learn how to blackmail the blackmailers.

    Coming soon: Public Encryption Security Training Control

    ===================(PEST Control)=================

    ---

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 13 Jun 2015 @ 12:21pm

    Re: Re: Re: Re: Worrisome, but not surprising

    Yeah, only the government does stupid stuff like putting sensitive information online. Corporations would never do that and that is why corporations have never had any data breaches and your information is truly safe with them - but not the government!!!

    link to this | view in thread ]

  36. identicon
    Anonymous Coward, 13 Jun 2015 @ 12:23pm

    Re: Re: The question arises

    This is simply incorrect, care to provide some data to back up your claim?

    link to this | view in thread ]

  37. icon
    Nickweller (profile), 13 Jun 2015 @ 10:28pm

    Re: Hate it

    'This form will be used by the United States (U.S) Government in conducting background investigations, reinvestigations, and continious elavuations of persons under consideration for, or retention of, national security positions as defined in 5 CRF 732, and for individuals requiring eligibility for access to classified information under Executive Order 12968.'

    translation: We may leak such compromising information against you if you discover illegal activity by a U.S Government agency and attempt to disclose such to the media.

    https://www.opm.gov/forms/pdf_fill/sf86.pdf

    link to this | view in thread ]

  38. icon
    Nickweller (profile), 13 Jun 2015 @ 10:37pm

    Re: Government Agency

    "If only the US had an agency that's sole purpose was to find ways to defend our nation from cyber attacks"

    Because the true purpose of such agencies is to protect the real rulers of America from you the people. Once every four years you get to pretend to pick your own leader.

    link to this | view in thread ]

  39. icon
    OldMugwump (profile), 14 Jun 2015 @ 12:23pm

    Re: Worrisome, but not surprising

    Agreed. The Feds can't even keep their own data secure, and we civilians are supposed to trust them with ours?

    This ought to (but won't) completely kill the idea of key escrow and the Feds logging and archiving private data.

    I'm probably more trusting than I should be regarding motives, but I've never been trusting re competence. I've never applied for a security clearance, and can't imagine doing so.

    Anyone who did trust the Fed's competence by (honestly) filling out a Standard Form 86 has now been proven a fool - anything embarrassing, or even just useful for leverage (which relatives to threaten...), is now in play.

    And these incompetent fools are telling us to trust them with our data?

    link to this | view in thread ]

  40. icon
    OldMugwump (profile), 14 Jun 2015 @ 12:41pm

    Re: Hate it

    Captain, thank you for your 20 years of service. I mean that sincerely.

    I'm sure you meant well, and perhaps you even did good things to help your neighbors and the world.

    But, with all due respect, trusting the Feds to keep your SF86 information secure was...foolish. And now you're going to pay the price.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 14 Jun 2015 @ 10:22pm

    Someone tell me how this is because of Snowden?

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 15 Jun 2015 @ 1:17am

    Well, good to know china has my SSN now.

    link to this | view in thread ]

  43. icon
    Ne0 (profile), 15 Jun 2015 @ 3:04am

    Data insecurity

    1) Office of Personnel Management didn't use encryption to store Social Security & Credit Card numbers.
    2) Office of Personnel Management used Microsoft Windows, the most exploited(hacked) operating system in History.

    link to this | view in thread ]

  44. identicon
    Anonymous Coward, 15 Jun 2015 @ 4:57am

    That sounds like good stuff to have available online

    What I don't understand is why stuff like this needs to be accessible from internet connected systems? You hear FUD about attacks on the power grid and how we need cyberwarfare capabilities. But the simple answer is to not have this stuff connected to the internet.

    link to this | view in thread ]

  45. icon
    Mike Acker (profile), 15 Jun 2015 @ 5:45am

    Much worse than Edward Snowden affair

    the OPM disaster is MUCH worse than the Edward Snowden affair. Snowden only exposed illegal government activity -- much like Watergate -- which we now regard as an heroic action.

    OPM is a REAL disaster

    as far as China and Russia having Ed Snowden data: if they did they sure wouldn't let you know about it. The latest on Ed Snowden is just static to help cover up the OPM mess

    hot mess, make that

    link to this | view in thread ]

  46. identicon
    FM Hilton, 15 Jun 2015 @ 6:31am

    Another thought

    Since the second of the two incursions has been revealed, one must wonder how far back the records that have been stolen go back? Years or decades?

    Because when you read it properly, Edward Snowden's personnel information is part of it, as are probably most of the NSA's.

    I wonder if he knew about the operational insecurity of the OPM?

    You have to admit that it would have saved an awful lot of hot mess if he had warned the government about it before it happened.

    In that case, he would have been awarded a medal for it and given a better job.

    But history had another idea. That's why he's in Russia and facing charges that he stole data from the government and our government's had their information stolen by a foreign entity called China.

    It boggles the mind to know that the government completely overlooked their own data and failed to do the most basic security steps to protect it.

    Snowden is the least of their problems right now.

    Way to go, USA!

    link to this | view in thread ]

  47. icon
    John Fenderson (profile), 15 Jun 2015 @ 7:57am

    Re: Re: The question arises

    "The US is so in debt to China that the Chinese practically own it now."

    Not true. China isn't even the #1 holder of US debt. You know who is? US citizens and companies.

    link to this | view in thread ]

  48. icon
    John Fenderson (profile), 15 Jun 2015 @ 7:59am

    Re:

    Personally, I am more nervous about the US having my personal info than about China having it.

    link to this | view in thread ]

  49. icon
    sigalrm (profile), 15 Jun 2015 @ 8:05am

    This is exactly what happens...

    When you give up privacy for security.

    I mean, don't get me wrong - there's no question that this is really bad. But if we, as a country, continue to centralize information on everybody in the name of security, then before too many years have elapsed, we're going look back on this particular breach as being small scale and, dare I say it, quaint.

    link to this | view in thread ]

  50. icon
    sigalrm (profile), 15 Jun 2015 @ 8:16am

    Re: Another thought

    "I wonder if he knew about the operational insecurity of the OPM? "

    Maybe. Doesn't really matter.

    "You have to admit that it would have saved an awful lot of hot mess if he had warned the government about it before it happened."

    Unlikely. History shows - repeatedly - that such warnings - at best - would have been ignored and at worst would have been received with great hostility.

    "In that case, he would have been awarded a medal for it and given a better job."

    No. Having embarrassed the Authorizing Official (required under FISMA, look it up) for whichever system it was, he'd have been lucky to have gotten the equivalent of an "atta boy, good job, go back to work" and subsequently having the report shelved, not be be looked at again until some reporter filed a FOIA request for it.

    link to this | view in thread ]

  51. icon
    nasch (profile), 15 Jun 2015 @ 8:23am

    Re: Another thought

    You have to admit that it would have saved an awful lot of hot mess if he had warned the government about it before it happened.

    In that case, he would have been awarded a medal for it and given a better job.


    No, he would have been prosecuted on multiple felony computer abuse charges.

    link to this | view in thread ]

  52. identicon
    Anonymous Coward, 15 Jun 2015 @ 8:48am

    Re: Re: Hate it

    Unfortunately, you don't get a lot of choice in the matter for many lines of work. My info is somewhere in that pile as well, from when I had to get a clearance to do my job....which, given the economic downturn at the time was quite nice to have given the many rounds of layoffs my company had gone through.

    link to this | view in thread ]

  53. icon
    John Fenderson (profile), 15 Jun 2015 @ 8:52am

    Re: Another thought

    "You have to admit that it would have saved an awful lot of hot mess if he had warned the government about it before it happened."

    He did.

    link to this | view in thread ]

  54. icon
    nasch (profile), 15 Jun 2015 @ 9:05am

    Re: Re: Another thought

    Snowden warned about OPM vulnerabilities?

    link to this | view in thread ]

  55. icon
    John Fenderson (profile), 15 Jun 2015 @ 9:55am

    Re: Re: Re: Another thought

    Ahhh, no. I misinterpreted the statement. Snowden warned about the severe problems in the security infrastructure in general. He didn't call out the OPM specifically, as far as I know. But it still counts are warning in my book.

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 15 Jun 2015 @ 2:59pm

    I am sorry, but I can't believe they don't notice all that data leaving sensitive networks. It really sounds more like the government using excuses like this to try and get the public behind them expanding the offensive and defensive hacking operations.

    link to this | view in thread ]

  57. icon
    nasch (profile), 15 Jun 2015 @ 4:04pm

    Re:

    I am sorry, but I can't believe they don't notice all that data leaving sensitive networks. It really sounds more like the government using excuses like this to try and get the public behind them expanding the offensive and defensive hacking operations.

    I don't doubt they would be willing to do such a thing, but I think you're giving their competence too much credit.

    link to this | view in thread ]

  58. icon
    Sheogorath (profile), 14 Aug 2015 @ 3:11am

    Re: Re: Worrisome, but not surprising

    Ever since Iraq 2003, Western super powers are the terrorists.

    link to this | view in thread ]

  59. identicon
    sharon, 19 Nov 2015 @ 5:41pm

    Not at all surprised

    I have had the unfortunate experience in dealing with the OPM throughout my lifetime. I a widow of a man who never got to see his unborn child. Working for our great Government.
    The OPM has done nothing but harass, illegally with hold full annuity payments.
    I am not at all surprised there was this horrible breach. They are too busy picking on widows.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.