Digital Fingerprint Analysis

The number of people applying for or receiving security clearances whose fingerprint images were stolen in one of the worst government data breaches is now believed to be 5.6 million, not 1.1 million as first thought, the Office of Personnel Management announced on Wednesday.

The agency was the victim of what the US believes was a Chinese espionage operation that affected an estimated 21.5 million current and former federal employees or job applicants. The theft could give Chinese intelligence a huge leg up in recruiting informants inside the US government, experts believe. It also could help the Chinese identify US spies abroad, according to American officials.

The White House has said it’s going to discuss cybersecurity with Chinese president Xi Jinping when he visits Barack Obama later this week.

The Obama administration has not publicly blamed China or taken any public action in retaliation for the hack. Intelligence officials have called the data a fair intelligence target, one the US would pursue if it had the chance.

OPM says the ability of an adversary to misuse fingerprint data is limited, though an agency statement acknowledged that “this probability could change over time as technology evolves”.

For American intelligence agencies, the notion that the Chinese have fingerprints on millions of federal security clearance holders, some of whom may be intelligence officers overseas, is troubling. Any intelligence officer whose prints have been taken would face great risk in operating under an alias because those prints would give away someone’s true identity.

OPM spokesman Samuel Schumach said in the statement that the agency identified the “additional fingerprint data not previously analyzed” while working with the Department of Defense. Mike Rogers, the director of the Pentagon’s National Security Agency, has said his agency was brought in to help.

NO COMMENTS