Hackers stole 5.6 million US fingerprints – more than estimated

Daily News Article   —   Posted on September 29, 2015

NOTE: The U.S. Office of Personnel Management (OPM) is an independent agency of the United States government that manages the civil service of the federal government.

(by Jose Pagliery, CNN) — On Wednesday, the U.S. Office of Personnel Management (OPM) said hackers stole 5.6 million fingerprints it had on file. That’s significantly higher than the agency’s original estimate of 1.1 million fingerprints.

This is extremely sensitive information that poses an immediate danger to American spies and undercover law enforcement agents.

As an OPM spokesman told CNNMoney in July: “It’s across federal agencies. It’s everybody.”

Hackers now have a gigantic database of American government employee fingerprints which can be used to positively identify the true identities of those employees.

Anyone with these records could check to see if a diplomat at a U.S. embassy is secretly an employee of an American intelligence agency. That person could then be targeted for arrest or assassination.

That’s particularly alarming, given that U.S. Intelligence Director James Clapper says China is the number one suspect behind the hack.

China and the United States are major trade partners and — for the most part — allies. But the world’s two superpowers are also butting heads.

America is solidifying its influence in southeastern Asia, even as China — on the rise both politically and economically — is expanding its influence in Africa, South America and the Pacific.

In a statement Wednesday, the personnel agency said experts from the Department of Homeland Security, FBI, spy agencies and the U.S. military are meeting to figure out “potential ways adversaries could misuse fingerprint data now and in the future.”

One former CIA officer told CNNMoney he worries that details of his secret past is now in the hands of the Chinese government.

To a lesser extent, there’s also a concern that 5.6 million people can no longer rely on their fingerprints as a security mechanism. This is a problem, given that smartphones and buildings are increasingly using biometric scanners to grant access.

OPM said that “the ability to misuse fingerprint data is limited. However, this probability could change over time as technology evolves.”

Hackers stole federal personnel data on 21.5 million people, including federal employees, contractors, and in some cases their friends and family (because of background checks). That includes Social Security numbers.

But cybersecurity experts say the fingerprints could be one of the worst aspects of the theft. If the hack was indeed committed by foreign government spies, this information isn’t likely to end up on the black market for identity thieves.

Its purpose is to better spy on America — by blackmailing individuals or outing their true identities.

Reprinted here for educational purposes only. May not be reproduced on other websites without permission from CNN Money. For the original article, visit the CNN Money website.


Questions

1. The first paragraph of a news article should answer the questions who, what, where and when. List the who, what, where and when of this news item. (NOTE: The remainder of a news article provides details on the why and/or how.)

2. Why is this theft so concerning? (What danger does it pose to the affected employees?) Be specific.

3. Who is behind the cyber theft?

4. How is the government responding to this massive cyber crime, according to OPM?

5. a) Why are former intelligence ops concerned?
b) What problem does the theft pose for all whose fingerprints were stolen?

6. a) What reassurance has OPM given to those whose fingerprints were stolen?
b) Why might this not be so reassuring?

7. Chinese President Xi made a state visit to Washington last week including a state dinner with President Obama at the White House:

Read “A ‘State Visit’ for China’s President Sends All the Wrong Signals
a) What do you think of this suggestion? Explain your answer.
b) Are you reassured by President Obama's agreement with President Xi? Explain your answer.

8.  Watch the news report under “Resources” below. What now? What approach do you think the U.S. should take with China?

OPTIONAL - Questions for discussion:
a) If you can’t trust the government to keep your data secure (especially if you are an intelligence agent) who should you trust?
b) If your relative worked as an undercover intelligence agent, would you want him/her to stay in the job?
c) How reassured would you be if your fingerprint data, in addition to information about your health, financial history and families had been stolen by the Chinese government (or by some other nefarious hackers)?


Background