The hackers who compromised millions of US government employees' personal data may have gotten off with much more than previously believed. According to the Associated Press, upward of 9 million to 14 million current and former civilian employees may have had their information taken from the Office of Personnel Management, rather than the theft being limited to the 4 million figure announced last week. That data also contains highly personal information that could be problematic for the US government, according to The New York Times.
There are concerns the information could be used for blackmail
Though the US has yet to formally identify the attackers, it's widely reported that Chinese hackers, possibly state sponsored, are believed to be behind the breach. That introduces a new set of problems than if the hackers were simply criminals looking for social security numbers. The Times reports that the hackers may have acquired the names of people living in China who are friends, relatives, or associates of government employees, possibly even diplomats or other officials. There are now concerns that the information can be used for blackmail.
High-level American officials are reportedly required to regularly update the government on their relatives and contacts as part of obtaining security clearances, which is why that information was in the hands of the Office of Personnel Management. The Times reports that at least some of this information was compromised, though investigators are still unsure of exactly how many names were taken. The majority of the information is likely to be on former government employees, the AP reports, but that still leaves around 4.2 currently million employees potentially impacted by the breach. BuzzFeed reports that the US government is now telling current and former employees to use added precautions with regard to their security.