As reported by the Washington Post on June 4th – “Hackers working for the Chinese state breached the computer system of the Office of Personnel Management (OPM) in December, US officials said Thursday, and the agency will notify about 4 million current and former federal employees that their personal data may have been compromised.”
What is OPM? The organization that collects, collates and manages all the security clearance information for US personnel. That includes biographical details about the people in the US government who hold security clearances.
This is the single biggest US security breach since at least the Cold War, although I am personally struggling to think of anything directed against the US that approaches this scale. You can change access codes, passwords and encryption standards in a compromised computer system fairly easily but once the names and biographical details of everyone who holds a clearance are stolen by a rival nation for nefarious purposes … that’s a whole different ballgame.
The identity of the Watchers at NSA, CIA and the Pentagon are now likely known to the Chinese military. Some of these individuals will be the target of Chinese surveillance operations ranging from spear phishing emails to physical shadowing. In war time they may actually become targets for kinetic operations. American spies used to be able
to watch the Iranians, Chinese and Russians secure in the knowledge that they could observe without putting themselves at risk of detection. That era – the era of the American Panopticon – is over.
Update June 25th, 2015: Its possible that the number of affected could be as high as 18 million.
