Second hack exposed military and intel data

Before you go, we thought you'd like these...
Before you go close icon
Second Hack Exposed Military and Intel Data
WASHINGTON (AP) -- Hackers linked to China appear to have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, several U.S. officials said Friday, describing a second cyberbreach of federal records that could dramatically compound the potential damage.

The forms authorities believed to have been accessed, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of his or her cohabitant is required.

The officials spoke on condition of anonymity because the security clearance material is classified.

"This tells the Chinese the identities of almost everybody who has got a United States security clearance," said Joel Brenner, a former top U.S. counterintelligence official. "That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That's a gold mine. It helps you approach and recruit spies."

The Office of Personnel Management, which was the target of the hack, has not officially notified military or intelligence personnel whose security clearance data was breached, but news of the second hack was starting to circulate in both the Pentagon and the CIA.

The officials said they believe the hack into the security clearance database was separate from the breach of federal personnel data announced last week - a breach that is itself appearing far worse than first believed. It could not be learned whether the security database breach happened when an OPM contractor was hacked in 2013, an attack that was discovered last year. Members of Congress received classified briefings about that breach in September, but there was no mention of security clearance information being exposed.

17 PHOTOS
Federal data hack, U.S. government, data breach
See Gallery
Second hack exposed military and intel data
Katherine Archuleta, director of the Office of Personnel Management, listens during a hearing of the Senate Homeland Security and Governmental Affairs Committee on Capitol Hill June 25, 2015 in Washington, DC. Witnesses testified about the hacking of Office of Personnel Management data. (Photo credit: BRENDAN SMIALOWSKI/AFP/Getty Images)
From left Katherine Archuleta, director of the Office of Personnel Management, US Chief Information Officer Tony Scott, Assistant Homeland Security Secretary for National Protection and Programs Andy Ozment, and McFarland, inspector general of the Office of Personnel Management, are sworn in during a hearing of the Senate Homeland Security and Governmental Affairs Committee on Capitol Hill June 25, 2015 in Washington, DC. Witnesses testified about the hacking of Office of Personnel Management data. AFP PHOTO/BRENDAN SMIALOWSKI (Photo credit should read BRENDAN SMIALOWSKI/AFP/Getty Images)
UNITED STATES - JUNE 23 - Katherine Archuleta, director, Office of Personnel Management, testifies during a Senate Appropriations Financial Services and General Government Subcommittee hearing to review data security and information technology spending at the Office of Personal Management on Capitol Hill on Tuesday, June 23, 2015. (Photo By Al Drago/CQ Roll Call)
WASHINGTON, DC - JUNE 23: Katherine Archuleta, director of Office of Personnel Management, arrives for a Senate Appropriations Financial Services and General Government Subcommittee hearing to review information technology spending and data security at the U.S. Office of Personnel Management, on Capitol Hill, June 23, 2015 in Washington, DC. FBI Director James Comey recently told Senators in a closed-door meeting that the personal data of an estimated 18 million current and former federal employees were affected by a recent cyber breach at the Office of Personnel Management. (Drew Angerer/Getty Images)
White House Press Secretary Josh Earnest answers questions on the massive cyber-attack on the personal data of government employees June 5, 2015 during the daily briefing in the Brady Briefing Room of the White House in Washington, DC. The US government on Thursday admitted hackers accessed the personal data of at least four million current and former federal employees, in a vast cyber-attack suspected to have originated in China. AFP PHOTO/Mandel NGAN (Photo credit should read MANDEL NGAN/AFP/Getty Images)
White House Press Secretary Josh Earnest answers questions on the massive cyber-attack on the personal data of government employees June 5, 2015 during the daily briefing in the Brady Briefing Room of the White House in Washington, DC. The US government on Thursday admitted hackers accessed the personal data of at least four million current and former federal employees, in a vast cyber-attack suspected to have originated in China. AFP PHOTO/Mandel NGAN (Photo credit should read MANDEL NGAN/AFP/Getty Images)
A gate leading to the Homeland Security Department headquarters in northwest Washington, Friday, June 5, 2015. China-based hackers are suspected once again of breaking into U.S. government computer networks, and the entire federal workforce could be at risk this time. The Department of Homeland Security said in a statement that data from the Office of Personnel Management _ the human resources department for the federal government _ and the Interior Department had been compromised. (AP Photo/Susan Walsh)
White House Press Secretary Josh Earnest answers questions on the massive cyber-attack on the personal data of government employees June 5, 2015 during the daily briefing in the Brady Briefing Room of the White House in Washington, DC. The US government on Thursday admitted hackers accessed the personal data of at least four million current and former federal employees, in a vast cyber-attack suspected to have originated in China. AFP PHOTO/Mandel NGAN (Photo credit should read MANDEL NGAN/AFP/Getty Images)
WASHINGTON, DC - JUNE 05: The Theodore Roosevelt Federal Building that houses the Office of Personnel Management headquarters is shown June 5, 2015 in Washington, DC. U.S. investigators have said that at least four million current and former federal employees might have had their personal information stolen by Chinese hackers. (Photo by Mark Wilson/Getty Images)
WASHINGTON, DC - JUNE 05: The entrance to the Theodore Roosevelt Federal Building that houses the Office of Personnel Management headquarters is shown June 5, 2015 in Washington, DC. U.S. investigators have said that at least four million current and former federal employees might have had their personal information stolen by Chinese hackers. (Photo by Mark Wilson/Getty Images)
WASHINGTON, DC - JUNE 05: The Theodore Roosevelt Federal Building that houses the Office of Personnel Management headquarters is shown June 5, 2015 in Washington, DC. U.S. investigators have said that at least four million current and former federal employees might have had their personal information stolen by Chinese hackers. (Photo by Mark Wilson/Getty Images)
White House press secretary Josh Earnest speaks about the Chinese hack of the computer system of the Office of Personnel Management, Friday, June 5, 2015, during the daily press briefing at the White House in Washington. (AP Photo/Evan Vucci)
Graphic shows details of recent notable data breaches by organization; 3c x 6 inches; 146 mm x 152 mm;
FILE - This Feb. 24, 2015, file photo, shows the Homeland Security Department headquarters in northwest Washington. The Department of Homeland Security said in a statement Thursday, June 4, 2015, that data from the Office of Personnel Management and the Interior Department had been hacked. (AP Photo/Manuel Balce Ceneta, File)
The American flag is reflected in a window at the Theodore Roosevelt Building, headquarters of the U.S. Office of Personnel Management (OPM), in Washington, D.C., U.S., on Friday, June 5, 2015. The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health-care companies. The hackers, thought to have links to the Chinese government, got into the OPM computer system late last year, according to one U.S. official. Photographer: Andrew Harrer/Bloomberg via Getty Images
Vehicles drive past the Theodore Roosevelt Building, headquarters of the U.S. Office of Personnel Management (OPM), in Washington, D.C., U.S., on Friday, June 5, 2015. The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health-care companies. The hackers, thought to have links to the Chinese government, got into the OPM computer system late last year, according to one U.S. official. Photographer: Andrew Harrer/Bloomberg via Getty Images
of
SEE ALL
BACK TO SLIDE
SHOW CAPTION +
HIDE CAPTION

The OPM had no immediate comment Friday.

Nearly all of the millions of security clearance holders, including CIA, National Security Agency and military special operations personnel, are potentially exposed in the security clearance breach, the officials said. More than 4 million people had been investigated for a security clearance as of October 2014, according to government records.

In the hack of standard personnel records announced last week, two people briefed on the investigation disclosed Friday that as many as 14 million current and former civilian U.S. government employees have had their information exposed to hackers, a far higher figure than the 4 million the Obama administration initially disclosed.

American officials have said that cybertheft originated in China and that they suspect espionage by the Chinese government, which has denied any involvement.

The newer estimate puts the number of compromised records between 9 million and 14 million going back to the 1980s, said one congressional official and one former U.S. official, who spoke to The Associated Press on condition of anonymity because information disclosed in the confidential briefings includes classified details of the investigation.

There are about 2.6 million executive branch civilians, so the majority of the records exposed relate to former employees. Contractor information also has been stolen, officials said. The data in the hack revealed last week include the records of most federal civilian employees, though not members of Congress and their staffs, members of the military or staff of the intelligence agencies.

On Thursday, a major union said it believes the hackers stole Social Security numbers, military records and veterans' status information, addresses, birth dates, job and pay histories; health insurance, life insurance and pension information; and age, gender and race data.

The personnel records would provide a foreign government an extraordinary roadmap to blackmail, impersonate or otherwise exploit federal employees in an effort to gain access to U.S. secrets -or entry into government computer networks.

Outside experts were pointing to the breaches as a blistering indictment of the U.S. government's ability to secure its own data two years after a National Security Agency contractor, Edward Snowden, was able to steal tens of thousands of the agency's most sensitive documents.

After the Snowden revelations about government surveillance, it became more difficult for the federal government to hire talented younger people into sensitive jobs, particularly at intelligence agencies, said Evan Lesser, managing director of ClearanceJobs.com, a website that matches security-clearance holders to available slots.

"Now, if you get a job with the government, your own personal information may not be secure," he said. "This is going to multiply the government's hiring problems many times."

The Social Security numbers were not encrypted, the American Federation of Government Employees said, calling that "an abysmal failure on the part of the agency to guard data that has been entrusted to it by the federal workforce."

"Unencrypted information of this kind this is disgraceful - it really is disgraceful," Brenner said. "We've had wakeup calls now for 20 years or more, and we keep hitting the snooze button."

Samuel Schumach, an OPM spokesman, would not address how the data was protected or specifics of the information that might have been compromised, but said, "Today's adversaries are sophisticated enough that encryption alone does not guarantee protection." OPM is nonetheless increasing its use of encryption, he said.

The Obama administration had acknowledged that up to 4.2 million current and former employees whose information resides in the Office of Personnel Management server are affected by the December cyberbreach, but it had been vague about exactly what was taken.

J. David Cox, president of the American Federation of Government Employees, said in a letter Thursday to OPM director Katherine Archuleta that based on incomplete information OPM provided to the union, "the hackers are now in possession of all personnel data for every federal employee, every federal retiree and up to 1 million former federal employees."

Another federal employee group, the National Active and Retired Federal Employees Association, said Friday that "at this point, we believe AFGE's assessment of the breach is overstated." It called on the OPM to provide more information.

Rep. Mike Rogers, the former chairman of the House Intelligence Committee, said last week that he believes China will use the recently stolen information for "the mother of all spear-phishing attacks."

Spear-phishing is a technique under which hackers send emails designed to appear legitimate so that users open them and load spyware onto their networks.

---

Associated Press writer Lolita C. Baldor contributed to this story.

Read Full Story

Sign up for Breaking News by AOL to get the latest breaking news alerts and updates delivered straight to your inbox.

Subscribe to our other newsletters

Emails may offer personalized content or ads. Learn more. You may unsubscribe any time.

From Our Partners