Hackers presumably working on behalf of the Chinese government may have stolen highly sensitive personnel files containing information about drug addictions, sexual proclivities and financial woes of millions of current and former US government workers.
The Office of Personnel Management acknowledged earlier this month that it had fallen victim to a massive cyber-attack – described by some experts as the worst of its kind in history – involving personnel data on 4.2million current and former federal employees.
Another attack targeted information of millions more Americans who applied for security clearances. Some media reports said 18million were affected in that attack.
Human vices, such as infidelity, compulsive gambling, problems with alcohol or drugs, as well as emotional and behavioral issues, raise red flags for officials who gather so-called ‘adjudication information’ – information that government investigators gather during the vetting process of potential hires and current employees seeking a higher level of clearance.
The unprecedented data breach gave hackers access to US government job applicants’ security clearance forms detailing past drug use, love affairs, history of violence, and foreign contacts that officials fear could be used for blackmail or recruiting purposes.
A senior government official confirmed to The Daily Beast Wednesday that the cyber-bandits likely made away with dossiers containing details about employees’ sexual partners and preferences, instances of infidelity, drug and alcohol abuse, as we as gambling habits.
The highly sensitive, potentially damaging records originated from ‘adjudication information,’ which can span decades.
The thinking is that ff it falls into the wrong hands, the classified information laying out US workers’ weaknesses and pressure points could make it easier for foreign intelligence services to recruit them as assets or agents.
The OPM had previously revealed that the hackers had obtained information that would-be hires disclose on a routine questionnaire known as Standard Form 86, but according to computer security expert Michael Adams, adjudication information goes far beyond the scope of that basic form.
The main concern is that federal employees and contractors with high levels of clearance might become easy espionage targets.
Sources within the government tell The Daily Beast that adjudication information also would include results of polygraph tests, where investigators often ask highly invasive, no-holds barred questions.
The website reported that according to one former official, he was once asked during a lie-detector test whether he had ever engaged in bestiality.
OPM’s chief information officer, Donna Seymour, admitted in her testimony before a House committee June 16 that ‘clearance adjudication information’ was compromised in the hack.
Until now, Washington had not publicly accused Beijing of orchestrating the data breach at the OPM, and China has dismissed as ‘irresponsible and unscientific’ any suggestion that it was behind the attack.
But on Thursday, Director of National Intelligence James Clapper said China was the ‘leading suspect’ behind the attacks on OPM.
During his remarks at an intelligence conference in Washington DC, Clapper said: ‘You have to kind of salut the Chinese for what they did,’ reported the Wall Street Journal.
Hackers employed a rare tool to take remote control of computers, dubbed Sakula, that was also used in the data breach at US health insurance company Anthem Inc disclosed this year.
‘Chinese law prohibits hacking attacks and other such behaviors which damage Internet security,’ China’s Foreign Ministry said in a statement.
‘The Chinese government takes resolute strong measures against any kind of hacking attack. We oppose baseless insinuations against China.’
Speaking on condition of anonymity, a former US intelligence official said the OPM breach was much worse than Edward Snowden’s leaks about domestic surveillance.
‘This is worse than Snowden, because at least programs that were running before the leaks could be replaced or rebuilt,’ the source said.
‘But OPM, that’s the gift that keeps on giving. You can’t rebuild people.’
Adjudication information is collected in order to determine, among other things, whether a person could get a high-level security clearance.
Those who conduct these intense background checks for the government are trained to spot and identify potential problems, such as a candidate’s susceptibility to blackmail or the likelihood that he or she might be roped in to work for a foreign intelligence service.
