Home arrow Identity Theft arrow In The News arrow Federal Government Data Breach Resulted in Theft of 5.6 Million Fingerprints
User Login





Lost Password?
No account yet? Register
Guard My Credit Menu
Home
- - - THE ISSUES - - -
Videos
Fraud and Scams
Credit Issues
Identity Theft
Privacy Issues
Our Children
Politics & Politicians
- - ACTION CENTER - -
Guard My Credit Links
Helpful Pamphlets
- - - - - - - - - - - - - - -
About ACCESS
Contact Us
About Our Site
Join the Fight
ACCESS is a non-profit, tax exempt consumer advocacy group.

Donations are tax deductable.

Guard My Credit Hits
11384274 Visitors
Federal Government Data Breach Resulted in Theft of 5.6 Million Fingerprints PDF Print E-mail

September 25, 2015 – The data breach that occurred at the Office of Personnel Management (OPM) earlier this year continues to get worse. Not only did it include data on more than 21 million – that’s about 7% of the country’s population in one data breach – but it also included digitized fingerprints on 5.6 million people. The breach takes the potential of identity theft to an entirely new level.

Image

At this point, you may be asking, “What can you do with a stolen fingerprint?” As it turns out, quite a bit. More importantly, the damage that you can do with stolen fingerprints is probably more significant than with other forms of stolen data. That’s because fingerprints are biometric data. That is, they are biological markers that identify an individual and which can’t be changed. Other forms of biometric data include DNA and retinal scans.

Biometric data is considered to be one of the best options when it comes to securing data. Newer cell phones use fingerprints in place of passwords for many of their functions. Secure facilities, such as those used by defense contractors, the Pentagon and various intelligence agencies will use biometric markers such as fingerprints and retinal scans to access high security areas in their facilities. And up until this incident, most people probably considered biometric data to be highly secure. After all, for someone to steal your fingerprint, they would have to either coerce you or cut off your fingers. At least, that was the thought.

But for biometric data to be useful, it needs to be stored somewhere in digital form. Your cell phone needs to have a file to compare your fingerprint to so that it can recognize you. And any digital data can be stolen.

In this case, the fingerprints that OPM was storing included those of people with government security clearances. You don’t need a degree in rocket science to figure out that with these digitized fingerprints, all the hackers need to do is identify which government systems you had access to for them to access those systems without your knowledge.

This mistake… and I’m being generous here because this breach may actually be a matter of criminal negligence… is going to be very costly for the US government and for the people whose data was stolen.

For the government, it means having to make significant changes to systems that allow employees and government contractors to access secure systems. Not doing so would leave all of those systems exposed. And it probably means changing the way those systems are accessed for everyone, not just those who are known to have had their data compromised.

For the people whose data was stolen in the breach, the consequences could be very high. They might include being reassigned in their jobs and restrictions on personal and business travel… especially international travel. In some cases, it is likely to mean loss of both their security clearance and their jobs.

Frankly, there is absolutely no excuse for this data breach. The federal government continues to have an absolutely abysmal record for protecting computer systems. Yet that same government chose to store highly sensitive data on virtually every single employee and millions of civilian contractors in a single and apparently insecure database. It will be years before that actual extent of the damage can be assessed.

OPM has insisted on releasing information about the breach slowly. The way that the news has been released is akin to watching OPM management commit a slow suicide. Death by a thousand cuts. Because of this, we fully expect to see more releases of information in the not too distant future. We’ll keep our readers posted as new information is made public.

byJim Malmberg

Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.

Follow me on Twitter:

Jim Malmberg has 8112 followers on Twitter
Follow ACCESS
Comments
Search
Only registered users can write comments!

3.25 Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."

 
Guard My Credit Polls
Poll #166 - Have you personnally been a victim of Identity Theft
 
#1 - Why did you visit our site today?
 
.•*´¯☼ ♥ ♥ Your Support of These Links Is GREATLY Appreciated ♥ ♥ ☼¯´*•.
Advertisement
 
Go to top of page
Home | Contact Us |About Us | Privacy Policy
eXTReMe Tracker
11/03/2024 04:29:56