Government Personnel Agency Admits Chinese Hackers Stole Personal Data About 21.5 Million Americans


China's big hack of sensitive government personnel records just got a whole lot bigger.

The Office of Personnel Management, which oversees government employee records (it's basically the government's HR department) announced today that sensitive personal information, including Social Security numbers, had been compromised for some 21.5 million people, in what appears to be a second major breach of government records. 

The information was stolen from background investigation databases, according to Reuters.

In addition to Social Security numbers, the information included "residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details," OPM said, according to National Journal

Most were for individuals who had gone through the background investigation process, but, according to National Journal, about 1.8 million of the affected people were family members of people who'd undergone background investigation. 

The 21.5 million people affected are in addition to the 4.2 million federal workers that already had background check material compromised via a "separate, but related" incident, Reuters reports. There's some overlap between the two groups. 

The smaller hack compromised, among other things, security clearance information for millions of former, current, and potential government employees. China also obtained dirt on an unknown number of government workers' sex lives, gambling habits, drug and alcohol addictions, and marital problems, according to a June report in The Daily Beast

All together, personal information for about 25 million people, or about 7.7 percent of the U.S. population, has been compromised by foreign hackers.

OPM has been reviewing its IT security, and announced last month that it was temporarily shuttering its background-info submission portal after a vulnerability had been discovered, although no breach had been detected through this particular vulnerability. 

As of mid-June, President Obama maintained that he still had confidence in OPM Director Katherine Archuleta, who served as the National Political Director on Obama's 2012 campaign, despite the first serious breach. We'll see how long that lasts. 

NEXT: Confederate Flag Comes Down Tomorrow, Zakarian Drops Plans with Trump, FBI Claims to Have Stopped July 4 Plots: P.M. Links

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. As of mid-June, President Obama maintained that he still had confidence in OPM Director Katherine Archuleta…

    You’re doing a heckuva job, Archie.

    1. But how does she feel about diversity?

    2. Do you think she knows the first thing about security? I actually don’t see much of a reason to blame her.

      1. Her predecessor was worse. Apparently she was the first one to actually hire IT security personnel.

        But of course Obama’s got faith in her…he’s a feeble-minded incompetent.

    3. Dealing with OPM is one of the worst parts of my job and I delegate that task to my subordinates. About 1/3 of the time when we call them, we wait on hold for an hour and then get hung up on. Another 1/3 they refuse to talk to me and then hang up on me and about 1/3 of the time I get the information I need (after waiting on hold for an hour).

      I could talk for hours about how horrible they are.

  2. She was a national political director? I am satisfied.

  3. it’s no big deal if these government employees have nothing hide.

    1. I applied to my local airport for employment in 2012. Filled out forms for days, etc. Heard from them later, but didn’t take the job.
      Several weeks ago I get a letter from DHS saying my information was compromised by the breach of government records.
      WTF. I’ve never been employed by them but my records are forever. At least they assured me that they have my back if everything goes to shit. hahahahahahahahahahahahahahahaha

  4. Oh, I’ve got a great idea! Let’s put these people in charge of setting up and managing all of the backdoors in our encryption!

    Yes! Best idea I’ve had all week!

    1. #WINNING

  5. I have no doubt in my mind that there were cyber security folks sounding the alarm about this being very realistic and that things needed to be done ASAP to prevent it from happening. They were probably shut out, reassigned somewhere else, threatened, and/or fired. I hope some of them step forward and blow the whistle on this. There needs to be some big heads on the chopping block.

    1. Right. That’ll happen. Right after unicorns fly out of Hillary Clinton’s ass.
      You know why, right?

      1. She was under no obligation to release even a single unicorn from her sphinctery clutches but went above and beyond the call of duty, spewing forth a veritable stampede of the wondrous beasts.

    2. I have no doubt in my mind that there were cyber security folks sounding the alarm about this being very realistic and that things needed to be done ASAP to prevent it from happening.

      They were probably just privileged straight white males; their views don’t count.

  6. Obama is the president, therefore no big deal to the media. Could you imagine if Bush was still in office though?

    1. Well if Bush hadn’t been so terrible necessitating the Great One Run for President the first place, to have this lovely, competent woman be part of the campaign, and be rewarded with a cushy apparatchiki job in DC, none of this would have happened.

      In the end, what is so terrible about this? The Chinese simply now have the names and billing addresses when they send out invoices when the loans come due. They can start with the government parasites first.

      1. Sadly, the hacked list include us private sector people with security clearances too. There is enough info in each of those files to answer ANY questions a bank or credit agency would ask to verify identity.

        This might be what leads to “universal” biometric verification. Or embedded chips in the skin, mark of the beast, etc.

  7. How long does the train of abuses and usurpations have to be? It already wraps around the planet a few thousand times.

    1. Icksna noa etha busesa dana surpationas. Oota uchma ikela oodchipperswa.

  8. So, the government is probably never going to even tell the individuals involved, right? I mean, that’s reserved for private entities. Government wouldn’t do that as it might lead to some angry voters.

    Good chance my own data was in there.

    1. I thought mine might be in the smaller batch, but had some hope since i’ve never been a direct fed employee. I’m definitely in the larger group, at least 3 times for myself, plus other times as a reference.

  9. Isn’t it considerate of the US Gov to do all these investigations of all the Top Men and their henchmen to collect all this info for the Chinese?

  10. So, I’m wondering… is this grounds for a class-action lawsuit?

  11. OPM has been reviewing its IT security,

    Sounds like it shouldn’t take them very long to do that.

  12. I’d be willing to chip in a few extra taxes to pay for Kaspersky Labs to secure the govt databases.

    1. secure raze

  13. Heck of a job, Barry will give you a raise !!

  14. I see iowahawk has been on a tear today retweeting a bunch of 3-year-old tweets from morons smugly mocking Mitt Romney for saying that the Chinese are hacking our/government computers.

    1. Including one from Archuletta herself that read “Romney’s statements reveal little understanding of what’s going on in the 21st century”. Ooops.

  15. Got it! Nice.

    1. Ahh… My kingdom for an edit button!

      That was supposed to be in response to R C Dean’s comment about it not taking very long.

      I’ll get the hang of this yet.

  16. what I was going to say is…

    4.2 million federal workers

    About 4.1 million too many, in my opinion.

    1. WTF do 4.2 million federal workers do? I mean seriously.

      1. TPS reports & Conferences.

        1. seems legit

        2. +1 Office Space

        3. Yep, bureaucrats are society’s middle management.

      2. Supply support to the 40+ million pretending to do work.

  17. Well the bad thing is that they copied the data. If they actually stole it as in the US Government no longer has it but the Chinese now do, they would probably be better off.

  18. China goes PEW PEW PEW !!!!


  19. I received a letter from the D.o.D. some years back stating that all my personal information was accessed and may be in the hands of malicious parties. It was decent of them to give me a heads up, that I will grant them. However, it’s just another straw on the camel’s back of ability to trust our masters with my own personal information.

  20. Maybe now that our rulers are loosing their servant’s own personal information, they might actually do something to improve the security situation. Yeah, like that’s going to happen.

  21. Wow, I’m probably on the list.

  22. Why the worry about personal information being taken by the Chinese when virtually every activity of about 300 million Americans is being recorded constantly by numerous domestic organizations?

  23. …and these people just took over our healthcare?

Please to post comments

Comments are closed.