With one of the largest government data breaches in US history, hackers have potentially gained access to the personal information of every federal employee. That includes the darkest secrets of nearly 14 million people, including drug addictions, psychiatric diagnoses, and even extramarital affairs.
Every US federal employee seeking a security clearance must go through the exhausting process of filing a Standard Form 86 (SF 86). As many have pointed out, the form is so meticulous that an individual could fill out over 115 pages.
Those pages detail almost everything about an employer’s life. Family members, spouses, and neighbors are just a few of the aspects listed. But the forms also dig deeper, examining personal information a person’s own mother may not be aware of. Psychological treatments, outstanding debts, drug use, sexual history – even sexual fantasies. The idea being that the government needs to be aware of any facets of a person’s life which could be exploited.
The bad news: whoever hacked into the Office of Personnel Management now knows all of the information they could ever need to blackmail every federal employee.
“It’s kind of scary that somebody could know that much about us,” a former US diplomat, speaking anonymously, told Reuters.
One example given by officials is of a retired 51-year-old military employee. In filing his security clearance, he listed that he had engaged in a 20-year affair with the wife of his former college roommate. While he entrusted this information to the US government – a red flag on a polygraph test could have ruined his chances at a security clearance – he had not told his wife about his infidelity.
While that individual eventually came clean, confessing to his wife other “key people in applicant’s life,” it’s exactly the kind of potentially damaging information that foreign governments could use to convince a high-level official to provide confidential material.
Even the private affairs of a federal employee’s family and associates could be utilized. SF 86 forms list the names of all foreign contacts, and those individuals could be tracked down and either kidnapped or blackmailed to sway a government official.
Details about a federal official’s debt could also be exploited, providing foreign intelligence services with an idea of which employees could be bribed, and even for how much. Drug abuse history could be another way for governments to manipulate an individual who may prefer to keep darker aspects of their lives secret.
Then there is the possibility that hundreds of intelligence officers could now be compromised.
“The potential loss here is truly staggering and, by the way, these records are a legitimate foreign intelligence target,” General Michael Hayden, former CIA and NSA director, told Reuters.
Intelligence officials note that the names obtained through the data breach could be cross-referenced against the publicly available names of embassy employees to root out undercover operatives.
“Negative information is an indicator just as much as positive information,” the US diplomat said.
While US officials have linked the hacks to the Chinese government, they have yet to provide any evidence for the assertion. Beijing denies any role in the cyberattacks.