In June the U.S. Office of Personnel Management (OPM) revealed that there had been a massive security breach, exposing the personal personnel data of at least 21.5 million government employees. The data included social security numbers, names, and clearance information. What was less well known is that the data also included fingerprint records, and this week it has been revealed that the hackers got 5.6 million fingerprints.
Think about that for a moment, and let it sink in.
One of the few identifying and authenticating pieces of information that has, until now, been thought to be virtually unspoofable.
Fingerprint records associated with social security numbers, clearances, and the data from background checks, including mental health and financial information.
So now, when your banking app has you authenticate with your thumbprint…well.
According to the OPM, the stolen data includes the data for “19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, primarily spouses or co-habitants of applicants. Some records also include findings from interviews conducted by background investigators and approximately 5.6 million include fingerprints. Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.”
|Get notified of new Internet Patrol articles for free!
|Or Read Internet Patrol Articles Right in Your Inbox!
as Soon as They are Published! Only $1 a Month!
Imagine being able to read full articles right in your email, or on your phone, without ever having to click through to the website unless you want to! Just $1 a month and you can cancel at any time!
In a public statement released today, the OPM also said:
Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million. This does not increase the overall estimate of 21.5 million individuals impacted by the incident. An interagency team will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals.
Federal experts believe that, as of now, the ability to misuse fingerprint data is limited.
We know you're sick of ads on websites. But we still need to pay to keep the lights on for you. So instead of huge ads and video ads, we use smaller, plainer ads. Still, if you'd like to support the Internet Patrol but not the ads, please consider supporting us here:
Federal experts believe that, as of now, the ability to misuse fingerprint data is limited. However, this probability could change over time as technology evolves. Therefore, an interagency working group with expertise in this area – including the FBI, DHS, DOD, and other members of the Intelligence Community – will review the potential ways adversaries could misuse fingerprint data now and in the future. This group will also seek to develop potential ways to prevent such misuse. If, in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.
We’ve never been so glad to not be on the Federal payroll.
No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free? Thank you!
|Get notified of new Internet Patrol articles!