While the US is yet to figure out the whereabouts of previous week’s defense data hack which it blamed on China, another hack exposing sensitive background information submitted by U.S. intelligence and military personnel for security clearances, has now been performed by Chinese hackers, reported Associated Press (via Reuters).
Hackers from China have somehow broken into the private databases of the Office of Personnel Management and gained access to private data belonging to millions of U.S. intelligence and military personnel. Just so you know, database hacked during this attack isn’t the same as the one performed last week.
The data which was exposed during the attack belonged to those members of the intelligence and security branches that have requested security clearances in the past. While even the name of someone working in the intelligence could be dangerous in the wrong hands, the information exposed to the attack contained far more than only names.
The procedure for granting Security clearance to personnel in the US involves deep inquisitions into the personal life of the applicant and according to the Associated Press, data associated with the Standard Form 86 was also on the line during the attack.
The form not only involves details of things like mental illnesses and drug and alcohol use but also requires the applicant to list past arrests and bankruptcies. As if that wasn’t fodder enough for a potential blackmailing, a complete list of contacts and relatives onto the form is also required thus exposing them to danger as well. What’s more, about 2.9 million people have been investigated for a security clearance as of October 2014 thus potentially granting hackers access to a massive data pool.
The report follows a White House release in which it refused to confirm yet another AP news article about an attack that exposed the data of about 14 million US government employees to hackers. However, the White House did underline the need for web security through the following statement
Recent events underscore the need to accelerate the Administration’s cyber strategy and confront aggressive, persistent malicious actors that continue to target our nation’s cyber infrastructure.
In the meanwhile, White House spokesman Josh Earnest confirmed the government’s ongoing investigation into last week’s attack which had put the records of up to 4 million people on the line.
These attacks — which seemed to be aimed mainly at government personnel — according to an official, could enable a foreign intelligence service to map out a list of people involved in handling data required by them, along with other important details such as their address and information about their family — a fact which immediately leads the mind to jump from coercion to bribing to espionage. Cyber analysts also stress the point that such information could also be used to gain access to other secure networks.
China — like it has done in all such previous occasions –has absolutely declined any association with the ongoing hacking spree.