Why the OPM Hack Is Far Worse Than You Imagine
“The Office of Personnel Management (‘OPM’) data breach involves the greatest theft of sensitive personnel data in history. But, to date, neither the scope nor scale of the breach, nor its significance, nor the inadequate and even self-defeating response has been fully aired.
The scale of the OPM breach is larger and more harmful than appreciated, the response to it has worsened the data security of affected individuals, and the government has inadequately addressed the breach’s counterintelligence consequences. While we can never know for sure exactly what the government is doing in secret to address the breach and mitigate its consequences, based on what is publicly known, the millions affected by the breach have good reason to fear.”
“Although the theft of fingerprint data has been widely reported, there is still another critical component of the adjudication dataset that has been largely overlooked. Certain types of security clearances require the individual to pass a polygraph examination, which can be extraordinarily intrusive and far exceed the subject matter of an SF-86. One former U.S. official noted that “a polygrapher once asked if he’d ever practiced bestiality.” Another said that “he was asked about what contacts he’d had with journalists, including in a social setting. All of the data collected during a polygraph is part of the adjudication data set. While we do not know where and how the full set of polygraph data is stored, adjudication data does include at least some polygraph information and officials have confirmed some polygraph data is shared with OPM.”