Threatpost on the possibility the OPM hack may have exposed US federal worker and military security clearance data:
Twenty-four hours after unnamed White House officials said the Office of Personnel Management (OPM) data breach was linked to China, one security company has connected the intrusion to the massive break-ins earlier this year at insurance companies Anthem and Premera Blue Cross, while a D.C. think tank this morning tweeted that the hackers made off with security clearance data going back to 1982.
The OPM not only handles employee record on government workers, but is also the agency that handles security clearance applications. If that data has indeed been exfiltrated from the OPM network, the identities and personal information belonging to covert operators and others linked to top secret government work has been exposed.
Initially, it was believed the breach was limited to personnel databases that included Social Security numbers and other personally identifiable information. While still valuable to intelligence efforts, that type of data pales alongside the clearance application data.
This sounds very similar to last years e-QIP breach. Likely, the intrusions are either from the same set or the groups are working in conjunction with each other, but with different mission responsibilities.