20 Million Americans Exposed During Second Federal Cyber Attack

Some 21.5 million Social Security numbers were stolen when hackers breached the security of a federal database during a second cyber attack, federal officials from the Office of Personnel Management said Thursday.

Personal information, including social security numbers from 19.7 million people who applied for a background investigation, was exposed during the hack. An additional 1.8 million non-applicants, spouses, or family members, were also compromised.

That’s in addition to the 4.2 million Social Security numbers exposed during an earlier breach in federal security in June.

Current and former federal employees, including members of the armed forces and anyone who went through a background check, were more than likely impacted by this second cyber attack.

Prospective federal employees who went through a background check were also probably affected.

The personal information stolen includes fingerprints as well as residency, education, and employment history along with other family members, friends, and business colleagues. Private health, criminal, and financial information were also compromised.

While investigating the first OPM hack in April, investigators discovered additional systems had been compromised during the second hack in June, according to an OPM statement. Anyone whose information was exposed during the first hack should have been contacted by federal officials, but notifications on the second hack haven’t begun yet.

The OPM is offering free identity protection services to anyone affected by either hack, and information should be forthcoming as the government begins to contact victims.

The government is urging anyone who thinks they may have been a victim of either attack to be aware of potential identity theft. The website IdentityTheft.gov can help users set up protections. Victims are also urged to update their passwords and beware of phishing scams.

Some members of the Department of Homeland Security and the FBI say China is behind the cyber attacks, but they’ve denied any involvement.

OPM breaches arguably comprise the most consequential cyber intrusion in US government history: http://t.co/RsrEm3lNF3

— Stars and Stripes (@starsandstripes) July 9, 2015

The first hack of the federal database in June compromised some four million Social Security numbers and birth dates, offering cybercriminals the ability to steal identities and pose as just about anyone.

Officials fear the data could be used to impersonate or blackmail federal employees. It’s also feared that highly classified information may have been exposed during the hack. So far, none of the information has been used, misused, or disseminated, according to officials.

In light of the devastating attack, several lawmakers have called for the OPM information officer to resign.

The FBI and Department of Homeland Security continue to investigate both breaches of federal security.

[Photo by Denis Doyle/Michael Bocchieri/Getty Images]