Cybersecurity

New major hack hits spy agencies, impact ‘potentially devastating’

Chinese-based hackers have apparently gained access to private security clearance information for millions of intelligence and military personnel, U.S. officials said Friday.

The hack is separate from another recently disclosed one that has rocked the Office of Personnel Management (OPM) and led to the exposure of up to 14 million people’s information, according to an Associated Press report.

{mosads}The background check forms compromised in this second hack are known as Standard Form 86 and include a bevy of personal information, including details on mental illnesses, drug and alcohol use, past arrests and bankruptcies.

The forms also include detailed information on friends, roommates and relatives, which could leave the personal data of vast numbers of Americans and foreigners compromised.

Even prospective government employees who went through some degree of a background investigation are potentially at risk. 

The breach could expose millions of employees across the CIA, National Security Agency and Pentagon.

According to the AP, nearly 3 million people have been investigated for security clearance since October 2014.

An OPM spokesman said the agency discovered the infiltration of background check documents while investigating the scope of the initial breach. 

The agency notified “relevant agencies” on June 8 that it had a “high degree of confidence” the background data had been taken, said OPM spokesman Samuel Schumach.

But the agency has not yet started notifying personnel about the new attack, Schumach said.

“Once we have conclusive information about the breach, we will announce a notification plan for individuals whose information is determined to have been compromised,” he explained.

The ramifications of such a theft are far-reaching.

“This is potentially devastating from a counterintelligence point of view,” Joel Brenner, a former top counterintelligence official for the U.S. government, told The Washington Post. “These forums contain decades of personal information about people with clearances … which makes them easier to recruit for foreign espionage on behalf of a foreign country.”

The stolen files could even help unmask covert CIA agents, the Post reported.  

“Hackers have hit the motherload [sic] with this second breach,” said Adam Levin, chairman of identity security firm IDT911, in a statement. “They now have the crown jewel to our national security.”

Republican lawmakers quickly responded to reports of the new hack, chastising the Obama administration for its security failures. 

Sen. Steve Daines (R-Mont.) warned that the breach “could have devastating implications for our national security.”

“It is deeply troubling that the Obama administration has yet to prioritize addressing this serious problem,” he added.

The OPM’s first hack, revealed last week, was initially thought to have compromised all current and former civilian employees, roughly 4 million people.

But rumors started circulating this week that the 4 million figure was expected to grow as investigators looked into the incident.

The largest federal employee’s union said on Thursday that the hackers had gotten to military personnel as well, pilfering health insurance and life insurance plans, military records and Social Security numbers.

Government contractors and outsiders named in employee files could also be exposed.