What we know so far is that 4 million federal employee records were stolen in April. Initial reports pin China as a likely culprit.
"Since the incident was identified, OPM has partnered with the U.S. Department of Homeland Security's U.S. Computer Emergency Readiness Team (US-CERT), and the Federal Bureau of Investigation to determine the impact to Federal personnel. And OPM immediately implemented additional security measures to protect the sensitive information it manages," the agency wrote in a blog post.
What's at stake?
There are many concerning threads here. For one, the alarming amount of data stolen indicates that data processing agencies like the OPM, which stores all of the personal information of federal employees, are prime targets for this sort of cybercrime, and that these sorts of breaches will likely not cease.
Even worse, however, is the fact that the OPM has been targeted before. Last summer, hackers also infiltrated the OPM's databases, targeting files of "tens of thousands of employees who have applied for top-secret security clearances," the New York Times reported.
The fact that this has happened before to the same federal office has sent shock waves through the cybersecurity community. "This is an extremely urgent situation," Chris Wysopal, the CTO and CISO of Veracode, told Business Insider. "And it's not going to stop."
Hackers now want this kind of data and they know where to find it. Wysopal pointed to the rising occurrences of data breaches at large companies, be it Sony, Anthem Health, or Premera.
The value of this sort of personal data is huge, too. Health records on the black market, said Wysopal, are worth "approximately ten times the value of a credit card."
What will happen to the data?
Now that the breach has been made public, no one knows whose hands this data will fall into. If it's a state-sponsored attack, it's unclear whether or not it will be sold on online black markets.
But, as Danny Rogers from the company Terbium Labs explained, the line between politically motivated attacks and hackers hacking to sell data is now blurring. "It's hard to differentiate between these types of attacks," Rogers said.
Companies like Terbium keep open tabs on what's being sold on dark web marketplaces. According to Rogers, government-affiliated documents have been known to leak online. And there's no way to know the original source of this stolen data.
The government must get better
The key takeaways, according to industry experts, are that this isn't going to stop and the federal government needs to improve its security measures. Offices like the OPM hold a trove of personal data, and that's precisely the sort of information that both states and private cybercriminals want.
The fact that the agency has been attacked twice underscores how vulnerable digital government assets are.
"The data is very valuable," explained Wysopal. Protecting the information can't be treated as "business as usual."