Federal government data hack could expose undercover intelligence officers abroad
The recent hack of data held by the U.S. Office of Personnel Management has raised concerns that the identities of undercover intelligence officers working abroad could be exposed.
Initially, government officials described the hack's fallout primarily as an identity theft risk for millions of current and former federal employees, but cyber-security and counterintelligence experts said the bigger threat is that it could allow a foreign government to unravel undercover American operations.
When news about the hack first broke, civilian Navy employee Lauren Bickings was more worried about identity theft than anything else. Bickings, who has a top secret security clearance, said word soon spread around her office that everyone there was likely affected - and the U.S. government suspects the hackers were working for China's intelligence service.
“My heart kinda dropped. Knowing that this wasn’t like Jane Smith from next door doing this," she said. "This was a big deal.”
Cyber-security and counterintelligence experts in the United States said the results could be disastrous.
If social security numbers were, for instance, to end up in the hands of a hostile foreign intelligence service, it's possible that agency could compare them to the social security numbers on visas it has provided, and discover that an American who got a foreign visa as a ‘petroleum engineer’ or a ‘maritime shipping analyst’ could really be a spy.
“Until proven otherwise, this is in fact the worst national security disaster this country’s ever experienced...period," said Mike Adams, who spent the past 15 years in cyber-security, following his retirement from Army Special Forces. "Intelligence officers spend years trying to get this much data on one guy. People spend careers trying to get this much data on one guy.”
Lost in the hack were high level security clearances for the past 30 years. The U.S. government reports hackers have that data on more than 21 million Americans, including 1.1 million fingerprint files.
An official from the Office of the Director of National Intelligence declined to answer questions regarding the possibility that American intelligence officers might have their identities uncovered by foreign governments as a result of the OPM data breach.
Perhaps most damaging, according to experts, the hackers stole “adjudication data” -- all the additional information like notes and findings of the investigators who do the background checks on everyone getting top secret clearances. That data could potentially expose weaknesses in spies, like who drinks too much, has a lot of debt or is secretly cheating on a spouse, and it could be used for blackmail.
“If you’re a diplomat like I was overseas, all of a sudden you’ve got to start worrying about who knows, you know, what’s going on with my background," said Alex Tabb, who spent years as a Foreign Service Officer and now does cyber-security consulting for the financial industry.
And it’s not just the diplomats, but their families who are also potentially at risk.
“Who knows what my family members are or where they may be living or what they may be doing; and who can use that against me?" he asked. "It’s potentially very damaging.”
“Someone is collecting this and they’re putting it all together," said Mike Adams. “And they’re going to figure out who the best people are, the best targets who have the best information.”
In Hollywood movies like the 1996 action hit Mission: Impossible, "hacking" data involved an elaborate scheme of burglary and acrobatics to get a spy inside a vault-like computer room where they could download data.
But in this case, an official at the Department of Homeland Security said the hackers simply targeted a government contractor and used a “social engineering” attack to get an unsuspecting employee to give up his or her login credentials.
Adams points to one strong indicator that it was a state, not criminal hackers, who did this: none of the data taken from the contractor has wound up on what’s called the “dark web” -- parts of the internet that aren’t connected to the Google Search Engine. It’s where sites such as the Silk Road lie.
“The scope is still so unknown that it’s going to take years for us to figure out exactly what the damage is and then the type of information that was lost,” said Tabb.
Were you affected by the OPM breach? If so, or if you suspect you have been, please see:
- Federal Trade Commission, June 4th 2015: OPM data breach – what should you do?
- Federal Trade Commission, June 11th 2015: Email from OPM – is it the real deal?
This story is part of the American Homefront Project, a collaboration of KUOW, KPCC and KUNC. The project reports on military life and veterans issues, covering major policy issues at the Pentagon and Veterans Administration, as well as the everyday issues that service members and veterans experience.