Hackers took fingerprints of 5.6 million U.S. workers
WASHINGTON — Just a day before the arrival of President Xi Jinping of China for a meeting with President Obama that will be focused heavily on limiting cyberespionage, the Office of Personnel Management said Wednesday that the hackers who stole security dossiers from the agency also got the fingerprints of 5.6 million federal employees.
The attack on the agency, which is the main custodian of the government’s most important personnel records, has been attributed to China by U.S. intelligence agencies, but it is unclear exactly what group or organization engineered it. Before Wednesday, the agency had said it lost only 1.1 million sets of fingerprints among the 22.5 million individuals whose records were compromised.
“Federal experts believe that, as of now, the ability to misuse fingerprint data is limited,” the agency said in a statement that came out just as Washington was focused on the arrival of Pope Francis on the South Lawn of the White House. But clearly the uses are growing, as biometrics are used more frequently to assure identity in secure government facilities and even on personal iPhones.
The agency said that an “interagency working group,” with help from the FBI, the Department of Homeland Security and intelligence agencies, would “review the potential ways adversaries could misuse fingerprint data now and in the future.”
One of the biggest concerns about the breach of personnel records has been that China, or any other nations given access to the data, could use it to identify intelligence agents, defense personnel or government contractors. Other data on the forms that were obtained, about matters as varied as bankruptcies and personal and sexual relationships, could be used for blackmail.
In testimony to a House committee recently, intelligence officials said they had seen no evidence that the data lifted from the Office of Personnel Management over more than a year had been used for any financial purpose, like gaining access to bank accounts or credit cards.