The recent data breaches involving the hack of U.S. government personnel files could now affect up to 30 million people. While the government initially disclosed that the breach would effect only 4 million federal employees, more and more news on the severity of the attack has trickled out at an almost daily rate.
In a recent senate hearing, the head of the U.S. Office of Personnel Management (OPM) Katherine Archuleta chalked the breach up to a “lack of investment.” Rather than point to any specific person in her staff, Archuletta blames “the perpetrators:”
Fox News reports:
The Office of Personnel Management initially estimated about 4 million current and former government workers were affected by one of the hacks. But Fox News is told by multiple sources that lawmakers have been informed the number will grow to at least 18 million — and could, according to one source, soar to as high as 30 million.
Cyber security analyst Morgan Wright explains that the database held by the U.S. Office of Personnel Management (OPM) lacked a two-factor password authentication system, also known as a two-step verification. I can’t remember the last time I logged into my online bank account or student loan account without having to go through a two-step verification process. Making matters worse, the OPM database was not even encrypted.
Wright also mentions that the Inspector General has been warning about the state of the government’s cyber security yearly since 2007. Identity theft, he says, will only be the part of the ramifications:
Will anyone be fired? Given what happened after news of the VA waiting lists broke out, the odds aren’t looking good.