More Than 22 Million People's Data Compromised By OPM Hack

OutOnARock writes with news that the Office of Personnel Management data breach reported earlier this month was actually far worse than earlier estimates had it; in all, it seems that more than 22 million people (not all of them government employees) had personal information compromised by the breach. From Yahoo News's coverage: That number is more than five times larger than what the Office of Personnel Management announced a month ago when first acknowledging a major breach had occurred. At the time, OPM only disclosed that the personnel records of 4.2 million current and former federal employees had been compromised.

Names and actual idenities of spies

[ebonum]

This database should contain all the personal details on spies. If this was stolen by China, why haven't we heard about every spy being pulled out of China and Russia? They are friend-enemies after all.

Any chance this hack done by the NSA to help get more funding and show the Americans how much they are needed to keep us safe? The NSA would know all the details of how the OPM works. Easy target.
Go into a big Chinese bank. What do you see? Most of the computers used for operations are still running XP. Hacking old Win 2003 servers in China from the US might not be very difficult. There are A LOT of Win 2003 servers in China. If you use these computers to launch an attack, who isn't going to believe those uber-smart Chinese have hacked us again?
If the Chinese actually have this data, there should be a huge reaction. I haven't see it. 1,000's to 10,000's of Americans at the embassies and working abroad should have run back to the US on very short notice. We should be hearing how our spying has been set back 20 years. Things are WAY too quiet It doesn't make sense to me.

Why did the US even allow such a database?

[AHuxley]

The US gov seemed to have really understood all the issues the UK and other nations had with selecting and sorting cleared staff from the UK security issues of the 1930's to 1980's.
Full background interviews, real cleared US gov staff looking deep into a persons submitted life story and the looking at the facts on the ground anywhere in the US.
Life story, education, friends, mail, reading material, calls logs all allowed the US gov to select the more useful and smart people for sensitive positions.
Over the past decade the move was to finding staff with unique skills quickly and trying to ensure US security paperwork was not going to be any issue for contractors, ex staff, former staff, people moving from the private sector into gov or gov into the private sector. All while keeping or re using past security access.
The US gov and mil could ensure skilled staff from the public and private sector where ready, could be found and sorted regionally and quickly for any task in or out of the USA.
The problem for the US gov is it needed so many contractors quickly and hoped remote digital files could 'clear' a boss and their new company or past contractor/mil/gov staff for new gov/mil/contractor work.
Vast new online digital databases allowed for lucrative jobs to be handed out and any security issues to fixed quickly.
The down side of this rapid system what what is what was fully understood by the US, UK, Australian and many other nations since the 1950's from their WW2 and 1930's security issues. Dont hire or create security in haste and keep the files away from all other people in gov, mil, private sector and other nations. How or why the US gov ever let go if its most secure files for national remote access is a real mystery.
Other nations who kept their files safe from new contractors needs and within the gov seemed to have understood the issues of rapid security expansion expansion and all the remote database issues. Why did the US gov and mil think it was a good idea or safe to allow complex files of that nature to just move regional and national networks from the mid 1990's on?

No more NSA

[Charliemopps]

So the NSA is clearly useless, and making the situation worse. They are not, and cannot protect us electronically. Instead, they are collecting all of our information and storing it for the inevitable hack that will give it to the rest of the world. The first question I ask when I'm asked to secure data is: "Do we actually need this data?" You can't steel what doesn't exist. Why the hell did this agency have data on people going back to the 1980s? Why is the NSA collecting data on all of us? It's a pointless endeavor that's putting us all at risk.