And let the shouting begin about who’s fault it was.
‘Most devastating cyber attack in US history’
Source: As the US realises it’s been PWNED, when will OPM heads roll? • The Register
“Incidentally, the stolen OPM database was reportedly being offered on Hell, an onion site hosting a e-crim forum. According to Brian Krebs. However, the database being flogged actually originated from a different, undisclosed, data breach of Unicor.gov, also known as Federal Prison Industries.”
Chances are that everyone now knows how to infiltrate the US government as SF-86 government clearance forms were copied as well:
“Likely included in the hackers’ haul: information about workers’ sexual partners, drug and alcohol abuse, debts, gambling compulsions, marital troubles, and any criminal activity.”
Extortion bonanza: OPM hack exposed “intimate details” of cleared personnel
The best analysis I have found of the hack so far is on Ars Technica, Why the “biggest government hack ever” got past the feds
The way the OPM is handling this is extremely poor, with them admititng first to a breach of 4m records, then the FBI publically telling them it’s 18m. There’s even a 32m record breach being reported somewhere.
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft