Government Internet Freedom News Relations Science Technology

OPM Says Hackers Stole 5.6 Million Federal Employees Fingerprints

Stay ahead of the curve... Get top posts first!

Thank you for subscribing!

Get updates on Facebook

President Xi Jinping is in America for a meeting with President Obama on limiting cyberespionage, when hackers stole security dossiers from the agency also got the fingerprints of 5.6 million federal employees.

“Months after hackers first broke into Office of Personnel Management (OPM), the US government agency that handles all federal employee data, the hack keeps on getting worse.

In July, OPM revealed that the hackers, apart from getting their hands on highly sensitive private data from 21.5 million people that work for the government, they had also stolen 1.1 million scans of fingerprints.

Well, forget about that: it was actually “approximately” 5.6 million fingerprints, OPM’s Press Secretary Samuel Schumach said in a statement on Wednesday. What’s worse, that might not even be the final number, as Schumach noted that an interagency investigation team “will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals.”

Fingerprints are starting to be used for background checks, to verify identities at borders, or to unlock phones, and their use is expected to increase, even in the government. Yet OPM estimates that there’s a “limited” risk that the fingerprints could be abused.” said vice.com

”As of now, the ability to misuse this data is limited.”

fingerprints

Asked whether OPM had any idea how the hackers, whom government officials privately believe to be Chinese, could misuse those fingerprints, Schumach said that what OPM has “learned from federal experts is that as of now, the ability to misuse this data is limited.”

“Experts do acknowledge that the ability to misuse this data could increase over time as technology changes,” he said.

You should probably take OPM’s somewhat optimistic view with a grain of salt. Not just because the agency initiallygrossly underestimated the damage of a hack that they missed for months, but because experts actually believe that the theft of fingerprints might be the worst part of the breach, as previously reported by The National Journal.

“It’s prob­ably the biggest coun­ter­in­tel­li­gence threat in my life­time.”

1443050246883

“It’s prob­ably the biggest coun­ter­in­tel­li­gence threat in my life­time,” Jim Pen­rose, the former chief of the Op­er­a­tion­al Dis­cov­ery Cen­ter at the Na­tion­al Se­cur­ity Agency, told reporter Dustin Volz. “There’s no situ­ation we’ve had like this be­fore, the com­prom­ise of our fin­ger­prints. And it doesn’t have any easy rem­edy or fix in the world of in­tel­li­gence.”

“The main reason for that is that fingerprints, unlike passwords or social security numbers, can’t be changed. So if the US government continues with its plans to increase the use of biometrics like fingerprints as a form of authentication, it will have to cope with the fact that the hackers, who are likely part of the Chinese intelligence community, now have the ability to spoof US government employees fingerprints.

Spoofing fingerprints isn’t just the realm of science fiction or action movies anymore. In 2013, a German hackershowed that it was relatively easy to lift someone’s fingerprint from, say, a glass, and reproduce it to unlock an iPhone.” said vice.com

Learn more here

Want our best on Facebook?

Facebook comments

“OPM Says Hackers Stole 5.6 Million Federal Employees Fingerprints”