The major hack into federal systems announced last week may be far larger than first thought, with records of as may as 14 million employees reportedly at risk.
Two people briefed on the investigation into this latest attack on US government systems, which saw hackers access records from US Office of Personnel Management (OPM), said as many as 14 million current and former US government employees had their personal information exposed to hackers.
The Obama administration previously disclosed that the assault affected four million current and ex government staffers.
One congressional official and one former US official, who spoke to the Associated Press anonymously, said this new estimate puts the number of compromised records between nine and 14 million, with records dating back to the 1980s, meaning that hackers likely stole confidential information of every single federal employee, past or present.
This is further backed up by a letter obtained by the National Journal, which was sent to OPM director Katherine Archuleta from president of the American Federation of Government Employees (AFGE), David Cox.
He said: "We believe that the Central Personnel Data File was the targeted database and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree and up to one million former federal employees."
However, Jackie Koszczuk, a spokeswoman for the Office of Personnel Management, said in the Associated Press report that every current and retired federal employee's records were compromised was not correct.
The unnamed officials also the attack also appears to have been on-oing for up to a year, much longer than the six months originally reported by the US government.
The US government has remained tight-lipped on the attack, although reportedly strongly suspects that it was carried out by hackers in China.
"[This is] yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances," Susan Collins, a member of the Senate Intelligence Committee ,said last week.
In a seperate report, The New York Times claims that the stolen data also contains highly personal information that could be problematic for the US government.
"Chinese hackers who attacked the databases of the Office of Personnel Management may have obtained the names of Chinese relatives, friends and frequent associates of American diplomats and other government officials, information that Beijing could use for blackmail or retaliation," it said.
The damage was not limited to information about China, though that presumably would have been of most interest to the hackers, the report adds.
North Korean hackers reportedly step up their activity as tensions with the US increase
Ice Lake probably won't appear before 2019 at the earliest
Krzanich follows Kevin Plank of Under Armor and Kenneth Frazier of Merck
Release of latest version of Android imminent