When the Office of Personnel Management began investigating a data breach, it was already a dire situation, with 4.2 million federal workers’ information stolen. Then things got worse. And worse.
During the investigation of the hack, the OPM found a second theft, the existence of which was first reported back in June. But today, we learned that this second data theft hijacked personal information from between 21 million and 25 million federal workers and contractors. That’s larger than the population of New York State!
OPM Director Katherine Archuleta already testified to the breach’s breadth today in a Congressional hearing, and Congressional sources told the National Journal that OPM will publicly acknowledge the scope of the theft later today.
At a Congressional hearing yesterday, FBI Director James Comey called the breach “enormous.” He didn’t name specific numbers, but admitted that his information was compromised.
An even larger theft of government data went down in 2006, when over 26 million files from the Department of Veteran Affairs were stolen. That theft occurred because someone physically stole a laptop that an employee had taken home without authorization, though, so this looks like the largest known breach to occur digitally.
We’ll update our post as we learn more—and considering that this breach just keeps getting bigger and bigger, there might be quite a few updates to come.
If any affected employees or contractors want to share your experience with how the government is handling the disclosure and effects of this theft, please let me know in the comments or email me at firstname.lastname@example.org
Update 4:51 pm: OPM has announced that 19.7 million background investigation forms and 1.1 million fingerprint records were stolen.