Personal Data of 14 Million Americans Exposed to Chinese Hackers

Benjamin Howe II/Getty Images
Benjamin Howe II/Getty Images

China’s recently revealed hack of the Office of Personnel Management (OPM) could involve data for up to 14 million Americans,op including detailed information on CIA and NSA agents who applied for security clearances.

An Associated Press report published Friday afternoon says personal data of up to 14 million civilian employees were exposed to the hackers. The data includes current government employees and past employees going back as far as 1980. On Thursday unnamed government sources had put the number exposed much lower, at 4 million.

In addition, the AP reports that as many as 2.9 million Americans who applied for government security clearances may have had their personal data stolen. That group would include those working for America’s intelligence agencies, including the CIA and NSA.

SF-86 forms are filled out when a government employee applies for a security clearance. A blank copy of the form on OPM’s website runs to 127 pages long. The form itself estimates it takes the average applicant 150 minutes to fill it out. It includes detailed work and education history plus a section titled “People Who Know You Well” and another on “Foreign Contacts.”

Thursday an unnamed U.S. official told ABC News, “If the SF-86s associated with this hack were, in their entirety, part of the stolen information, then that would mean the potential release of a staggering amount of information, affecting an exponential amount of people.”

The steady drip of new information began Thursday, after the President of the American Federation of Government Employees (AFGE) sent a letter to OPM complaining that his union members were only being provided with “sketchy information” about the hack. The letter also revealed that affected employees had been offered 18 months of free credit monitoring and liability insurance up to one million dollars. It was not clear in any of the reports published so far whether direct deposit banking information may have been included in the hack.


Please let us know if you're having issues with commenting.