Sec­ond hack ex­posed mil­i­tary, in­tel: US


Hack­ers linked to China ap­pear to have gained ac­cess to the sen­si­tive back­ground in­for­ma­tion sub­mit­ted by in­tel­li­gence and mil­i­tary per­son­nel for se­cu­rity clear­ances, sev­eral U.S. of­fi­cials said Fri­day, de­scrib­ing a sec­ond cy­ber­breach of fed­eral records that could dramatically com­pound the po­ten­tial dam­age.

The forms au­thor­i­ties be­lieved to have been ac­cessed, re­quire ap­pli­cants to fill out deeply per­sonal in­for­ma­tion about men­tal ill­nesses, drug and al­co­hol use, past ar­rests and bankrupt­cies. They also re­quire the list­ing of con­tacts and rel­a­tives, po­ten­tially ex­pos­ing any for­eign rel­a­tives of U.S. in­tel­li­gence em­ploy­ees to co­er­cion. Both the ap­pli­cant’s na­tional iden­ti­fi­ca­tion num­ber and that of his or her co­hab­i­tant is re­quired.

The of­fi­cials spoke on con­di­tion of anonymity be­cause the se­cu­rity clear­ance clas­si­fied.

In a state­ment, the White House said that on June 8, in­ves­ti­ga­tors con­cluded there was “a high de­gree of con­fi­dence that ... sys­tems con­tain­ing in­for­ma­tion re­lated to the back­ground in­ves­ti­ga­tions of cur­rent, for­mer and prospec­tive fed­eral gov­ern­ment em­ploy­ees, and those for whom a fed­eral back­ground in­ves­ti­ga­tion was con­ducted, may have been ex­fil­trated.”

“This tells the Chi­nese the iden­ti­ties of al­most every­body who has got a United States se­cu­rity clear­ance,” said Joel Bren­ner, a for­mer top U.S. coun­ter­in­tel­li­gence of­fi­cial. “That makes it very hard for any of those peo­ple to func­tion as an in­tel­li­gence of­fi­cer. The data­base also tells the Chi­nese an enor­mous amount of in­for­ma­tion about al­most ev­ery­one with a se­cu­rity clear­ance. That’s a gold mine. It helps you ap­proach and re­cruit spies.”



The Of­fice of Per­son­nel Man­age­ment, a cen­tral per­son­nel data­base, which was the tar­get of the hack, has not of­fi­cially no­ti­fied mil­i­tary or in­tel­li­gence per­son­nel whose se­cu­rity clear­ance data was breached, but news of the sec­ond hack was start­ing to cir­cu­late in both the Pen­tagon and the CIA.

The of­fi­cials said they be­lieve the hack into the se­cu­rity clear­ance data­base was sep­a­rate from the breach of fed­eral per­son­nel data an­nounced last week — a breach that is it­self ap­pear­ing far worse than first be­lieved. It could not be learned whether the se­cu­rity data­base breach hap­pened when an OPM con­trac­tor was hacked in 2013, an attack that was dis­cov­ered last year. Mem­bers of Congress re­ceived clas­si­fied brief­ings about that breach in Septem­ber, but there was no men­tion of se­cu­rity clear­ance in­for­ma­tion be­ing ex­posed.

The OPM had no im­me­di­ate com­ment Fri­day.

Newspapers in English

Newspapers from Taiwan

© PressReader. All rights reserved.