WASHINGTON – Officials announced that sensitive information of more than 21 million people was among data lost in a breach of its background investigation database.
The U.S. Office of Personnel Management announced on Thursday that information, including Social Security numbers, was taken during a breach.
The breach was first publicly disclosed on June 4, but officials were not sure exactly how much information was at stake.
Authorities say they began to get a clearer picture following an investigation into this and a separate breach.
Experts say the hacks were “separate but related.”
Now, that number has spiked to 21.5 million.
The new numbers were released one day after FBI Director James Comey called the hack an “enormous breach” to the U.S. Senate Intelligence Committee. He said “millions and millions” of government records were stolen, including his own.
Now, officials with the U.S. Office of Personnel Management are facing tough criticism.
“Since at least 2007, OPM leadership has been on notice about the vulnerabilities to its network and cybersecurity policies and practices,” said House Oversight Committee Chairman Jason Chaffetz in a statement. “Director Archuleta and Ms. Seymour consciously ignored the warnings and failed to correct these weaknesses. Their negligence has now put the personal and sensitive information of 21. 5 million Americans into the hands of our adversaries.”
“This OPM data breach is a major national crisis. The lives of 21.5 million Americans and their families across America have been affected by this massive failure. The string of continuing bad news is the result of years of failed cybersecurity policy and a large bureaucratic government that is slow to respond and react to emerging threats. OPM’s historic inability to adapt and upgrade their processes are well documented. This is not an issue of legacy hardware, it is a problem with legacy security processes. The White House has the responsibility to protect the sensitive data that has been entrusted to their care. I have already pushed for a complete shift in the government’s mindset on cybersecurity; we must transition from a ‘hoping for the best’ mindset to careful preparation for the worst,” said Sen. James Lankford, who is a member of the Senate Intelligence Committee.