Over 22 million people had their personal information hijacked in a cyberattack on the US Office of Personnel Management. The attack is over, but its threat will literally last lifetimes.
Members of the intelligence community are stressing that the attack will continue to be a problem until each one of those people whose sensitive personal information was stolen drops dead.
Ex-CIA director Michael Hayden talked to FedScoop about the legacy of the attack:
"I don't think there is recovery from what was lost," said former CIA Director Michael Hayden, in a telephone interview with FedScoop. "It remains a treasure trove of information that is available to the Chinese until the people represented by the information age off. There's no fixing it."
While some people had their fingerprints and identifying information stolen, other former and current federal employees had their security clearance questionnaires taken, which means the thieves now have access to 121-page dossiers.
These dossiers are heavy shit, detailing identifying information on family members, psychological profiles, and admissions of gambling, drug use, and other sensitive information. If you wanted to blackmail somebody, this is exactly the type of form you'd want to use.
FedScoop also talked to Richard A. Russell,former senior advisor for intelligence and security for the U.S. Army Materiel Command, who pointed out that the personnel dossiers included information on children, which means the threat will extend even longer.
Of course, Hayden and many other intelligence experts are assuming China is behind the attack, but there's no proof. There's also the possibility that whatever group stole the documents will sell or share the information. So even though we know that the stolen information can be used to identify people as targets until they die or change their identities, we don't know with certainty who will do the targeting.