Wired: Senator Sasse: the OPM hack may have given China a spy recruiting database

Author: Sen. Ben Sasse
July 9, 2015

As a newly elected Senator, I am here to tell you a hard truth: Washington does not take cybersecurity seriously.

But you probably already knew that if you’ve read anything about the massive OPM data breach. To recap today’s news from OPM, since 2013, a malicious attacker—likely the Chinese government—breached government databases and stole information on some 21 million federal employees. This included personal information like addresses and Social Security numbers. Most of these people held security clearances and for them it also included nearly 150 pages of material in what are called Standard Form 86s (SF-86), which detail nearly every aspect of their lives.

Here’s the kicker: despite today’s jaw-dropping news, the attackers were in our networks so long that it may still be a while before we figure out everything they stole. Most news coverage has centered on federal employees. But that’s an incomplete picture because it’s now clear many victims never worked for the federal government. When applying for a security clearance with the SF-86, applicants list their family members, neighbors, co-workers, foreign contacts, and even college roommates.

China may now have the largest spy-recruiting database in history.

Bottom line: If you have any family or friends who work for the government and put your name down on an SF-86, a foreign government might well know a lot more about you and your kids than you’d like.

Read the full article here.