Latest hack on federal employees targets security clearances

After finding that federal employees' Social Security numbers were stolen, the US government discovers another breach, which exposed data on intelligence agents and others.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce | Amazon | Earned wage access | Online marketplaces | Direct to consumer | Unions | Labor and employment | Supply chain | Cybersecurity | Privacy | Stalkerware | Hacking Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read

Andrew Brookes/Getty Images

Following recent news of a breach of federal employee records, the Obama Administration acknowledged Friday that in a separate attack hackers stole highly sensitive forms used in vetting federal employees for security clearances.

The hackers are linked to China, US officials told The Washington Post and the Associated Press.

The forms contain applicants' personal information and could compromise federal agents' ability to maintain their cover while collecting intelligence, according to a former US counterintelligence official cited by the AP.

"This tells the Chinese the identities of almost everybody who has got a United States security clearance," the former official, Joel Brenner, told the AP. The forms also provide information from background checks about workers' mental health, finances and family.

The breach was discovered as the government looked into a previous attack, according to the Office of Personnel Management. The earlier attack, announced June 8, was said to have compromised the data of up to 4 million current and former federal employees, including Social Security numbers and other personal information. But a union of federal workers said Thursday that it believed it was a far more extensive breach than the OPM has indicated, affecting every single current and retired federal worker -- allegations the government disputes.

Regarding the breach revealed Friday, the government concluded with a "high degree of confidence that OPM systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated," Samuel Schumach, a press secretary at the OPM, said in an emailed statement Friday.