Last week's unprecedented hack attack on data linked to US federal workers was far more massive than originally realised and threatens a "devastating" impact on counter-intelligence and American security, officials warn.
The attack, believed by US officials to have been launched by the Chinese government, also breached a database holding sensitive security clearance information on millions of federal employees and contractors, officials have revealed.
"This is potentially devastating from a counter-intelligence point of view," Joel Brenner, a former top counter-intelligence official for the US government, told the Washington Post. "These forums contain decades of personal information about people with clearances ... which makes them easier to recruit for foreign espionage on behalf of a foreign country."
The hack breached the basic database on roughly 4 million current and former federal employees, possibly including data on officials as senior as cabinet secretaries. The president's and vice-president's data were not breached, said officials of the Office of Personnel Management.
But a second hacked database contains sensitive information collected as part of security clearance background checks — called SF-86 data — which includes applicants' financial histories and investment records, children's and relatives' names, foreign trips taken and contacts with foreign nationals, past residences and names of neighbours and close friends.
The Office of Personnel Management doesn't usually hold background-check records of employees of intelligence agencies such as the CIA, but in some cases it does, officials said.
"That's the open question — whether it's going to hit CIA folks," a source told the Post.