Feds acknowledge more than 5M fingerprints stolen in breach, far more than thought

23 Sep 2015 | Author: | No comments yet »

Fingerprints from 5.6 million people were stolen in huge U.S. data breach.

More than a quarter of the victims in a cyberattack on the federal government — which lost data belonging to 21 million people — also had their fingerprints stolen, a federal agency said Wednesday.The federal Office of Personnel Management announced this week that it had underestimated fingerprint data stolen in a massive hack of its system earlier this year. “As part of the government’s ongoing work to notify individuals affected by the theft of background investigation records, the Office of Personnel Management and the Department of Defense have been analyzing impacted data to verify its quality and completeness,” a news release from the office stated. “During that process, OPM and DOD identified archived records containing additional fingerprint data not previously analyzed.” Letters will be sent to the people who were impacted by this breach, but, for now, experts reviewing the situation believe misuse of this data is limited. “However, this probability could change over time as technology evolves,” OPM’s statement acknowledged. “Therefore, an interagency working group with expertise in this area – including the FBI, DHS, DOD, and other members of the Intelligence Community – will review the potential ways adversaries could misuse fingerprint data now and in the future.” In July, when it was revealed that fingerprint data was included in the breach, CNN reported cybersecurity expert Robert Lee said the theft of this data, over passwords, for example, is particularly concerning. “It’s not like they have someone’s password. Officials are quick to note that this digit data won’t be as useful to the hackers as the other sensitive information leaked through the attack (fooling a fingerprint reader requires some skill). The people in the hacked database included current and former federal employees, as well as people who had applied for background checks and their relatives.

However, there’s a concern that the thieves could find a way to misuse those prints — and it’s not as if you can change your fingers once they’ve been compromised. The announcement doesn’t increase the estimate that the hack compromised sensitive information and Social Security numbers of 21.5 million individuals, some of whom were screened for U.S. government security clearances. The stolen information includes Social Security numbers; findings from background check interviews; information about past addresses, education and jobs; criminal and financial histories; and “some information regarding mental health.” Many reports have linked the attack to Chinese hackers. Ben Sasse (R-Neb.) said in a statement. “The American people have no reason to believe that they’ve heard the full story and every reason to believe that Washington assumes they are too stupid or preoccupied to care about cyber security.” Jason Chaffetz, chairman of the House Oversight & Government Reform Committee, also issued a statement blasting OPM because it “keeps getting it wrong.” “This breach continues to worsen for the 21.5 million Americans affected,” the Republican congressman from Utah said. “I have zero confidence in OPM’s competence and ability to manage this crisis. You’ll get to keep your current user name (as long as it doesn’t contain invalid characters, in which case you’ll have to go through a few extra steps to make the transfer), and all your old comments will eventually (not immediately) migrate with you.

Here you can write a commentary on the recording "Feds acknowledge more than 5M fingerprints stolen in breach, far more than thought".

* Required fields
Twitter-news
Our partners
Follow us
Contact us
Our contacts

dima911@gmail.com

ICQ: 423360519

About this site