Obama vs. China President Xi, Hacking

A new unit of the People’s Liberation Army was identified last week by cyber security researchers as Unit 78020 based in Kunming, in Yunnan Province.
The unit’s operations have been tracked for five years and have included targeted attacks on states in the region that are challenging Beijing’s strategic program of seeking to control the sea through building up small islands and reefs and then deploying military forces on them.
“Unit 78020 conducts cyber espionage against Southeast Asian military, diplomatic, and economic targets,” according to a security report on the unit that included a satellite photo of the unit’s Kunming compound.
“The targets include government entities in Cambodia, Indonesia, Laos, Malaysia, Myanmar, Nepal, the Philippines, Singapore, Thailand, and Vietnam as well as international bodies such as United Nations Development Program (UNDP) and the Association of Southeast Asian Nations (ASEAN).” More details here.

Chinese president Xi Jinping is supposed to have dinner this evening with U.S. president Barack Obama. Wonder if the name Ge Xing will come up?

Ge Xing is the subject of a joint report published this morning by ThreatConnect and Defense Group Inc., computer and national security service providers respectively. Ge is alleged to be a member of the People’s Liberation Army unit 78020, a state-sponsored hacking team whose mission is to collect intelligence from political and military sources to advance China’s interests in the South China Sea, a key strategic and economic region in Asia with plenty of ties to the U.S.

The report connects PLA 78020 to the Naikon advanced persistent threat group, a state-sponsored outfit that has followed the APT playbook to the letter to infiltrate and steal sensitive data and intellectual property from military, diplomatic and enterprise targets in a number of Asian countries, as well as the United Nations Development Programme and the Association of Southeast Asian Nations (ASEAN).

Control over the South China Sea is a focal point for China; through this region flows trillions of dollars of commerce and China has not been shy about claiming its share of the territory. The report states that China uses its offensive hacking capabilities to gather intelligence on adversaries’ military and diplomatic intentions in the region, and has leveraged the information to strengthen its position.

“The South China Sea is seen as a key geopolitical area for China,” said Dan Alderman, deputy director of DGI. “With Naikon, we see their activity as a big element of a larger emphasis on the region and the Technical Reconnaissance Bureau fitting into a multisector effort to influence that region.”

The report is just the latest chess piece hovering over Jinping’s U.S. visit this week, which began in earnest yesterday with a visit to Seattle and meetings with giant technology firms such as Microsoft, Apple and Google, among others.

Those companies want to tap into the growing Chinese technology market, and the government there is using its leverage to get them to support the stringent Internet controls imposed by the Chinese government. According to a New York Times report last week, a letter sent to American technology companies this summer said that China would ask American firms to store Chinese user data in China. China also reportedly asked that U.S.-built software and devices sold in China be “secure and controllable,” which likely means the Chinese would want backdoor access to these products, or access to private encryption keys.

Jinping, meanwhile, tried to distance himself from the fray when he said in a Wall Street Journal interview: “Cyber theft of commercial secrets and hacking attacks against government networks are both illegal; such acts are criminal offences and should be punished according to law and relevant international conventions.”

Journal reporter Josh Chin connected with Ge Xing over the phone and Ge confirmed a number of the dots connected in the report before hanging up on the reporter and threatening to report him to the police.

While that never happened, the infrastructure connected to Ge and this slice of the Naikon APT group was quickly shut down and taken offline. In May, researchers at Kaspersky Lab published a report on Naikon and documented five years of activity attributed to the APT group. It describes a high volume of geo-politically motivated attacks with a high rate of success infiltrating influential organizations in the region. The group uses advanced hacking tools, most of which were developed externally and include a full-featured backdoor and exploit builder.

Like most APT groups, they craft tailored spear phishing messages to infiltrate organizations, in this case a Word or Office document carrying an exploit for CVE-2012-0158, a favorite target for APT groups. The vulnerability is a buffer overflow in the ActiveX controls of a Windows library, MSCOMCTL.OCX. The exploit installs a remote administration tool, or RAT, on the compromised machine that opens a backdoor through which stolen data is moved out and additional malware and instructions can be moved in.

Chin’s article describes a similar attack initiated by Ge, who is portrayed not only as a soldier, but as an academic.

The researchers determined through a variety of avenues that Ge is an active member of the military, having published research as a member of the military, in addition to numerous postings to social media as an officer and via his access to secure locations believed to be headquarters to the PLA unit’s technical reconnaissance bureau.

“Doing this kind of biopsy, if you will, of this threat through direct analysis of the technical and non-technical evidence allows us to paint a picture of the rest of this group’s activity,” said Rich Barger, CIO and cofounder of ThreatConnect. “We’ve had hundreds of hashes, hundreds of domains, and thousands of IPs [related to PLA unit 78020].

Only looking at this from a technical lens only gives you so much. When you bring in a regional, cultural and even language aspect to it, you can derive more context that gets folded over and over into the technical findings and continues to refine additional meaning that we can apply to the broader group itself.”

The report also highlights a number of operational security mistakes Ge made to inadvertently give himself away, such as using the same handle within the group’s infrastructure, even embedding certain names in families of malware attributed to them. All of this combined with similar mistakes made across the command and control infrastructure and evidence pulled from posts on social media proved to be enough to tie Ge to the Naikon group and elite PLA unit that is making gains in the region.

“If you look at where China is and how assertive they are in region, it might be a reflection of some of the gains and wins this group has made,” Barger said. “You don’t influence what they’re influencing in the region if you don’t have the intel support capabilities fueling that operational machine.”
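The attribution described above rests on a simple analyst technique: an operator who reuses one handle as a domain registrant and again as a string inside a malware build has linked both artifacts to each other. The following Python is an added example (not code from the ThreatConnect/DGI report or the Naikon research) showing how a defender clusters indicators by pivoting on reused handles. Every record, handle, domain and hash below is constructed for the example; the `.invalid` domains and `sha256:constructed-*` values are placeholders, not real indicators.

```python
"""Cluster indicators by pivoting on reused operator handles.

A registrant handle on a domain and the same handle embedded in a
malware build (for example in a PDB path) tie those artifacts together.
Walking the bipartite indicator/handle graph from one seed indicator
yields the whole cluster reachable through shared handles.
"""
from collections import defaultdict, deque

# Constructed records: hypothetical handles, placeholder domains and hashes.
RECORDS = [
    {"kind": "domain", "value": "example-update.invalid", "registrant": "opr_alpha"},
    {"kind": "domain", "value": "mail-sync.invalid", "registrant": "opr_alpha"},
    {"kind": "domain", "value": "cdn-static.invalid", "registrant": "opr_beta"},
    {"kind": "domain", "value": "unrelated-news.invalid", "registrant": "someone_else"},
    # Strings "recovered" from samples: a build path carrying a handle is a classic slip.
    {"kind": "sample", "value": "sha256:constructed-a",
     "strings": ["C:\\build\\opr_alpha\\rat\\Release\\rat.pdb", "Mozilla/4.0"]},
    {"kind": "sample", "value": "sha256:constructed-b",
     "strings": ["D:\\work\\opr_beta\\loader.pdb", "opr_alpha"]},
    {"kind": "sample", "value": "sha256:constructed-c", "strings": ["nothing-to-see"]},
]


def known_handles(records):
    """Handles we can pivot on: every registrant seen on a domain record."""
    return {r["registrant"] for r in records if r["kind"] == "domain"}


def handles_for(record, handles):
    """Handles a record is tied to: its registrant, or any known handle found
    as a case-insensitive substring of its embedded strings."""
    if record["kind"] == "domain":
        return {record["registrant"]}
    found = set()
    for s in record.get("strings", []):
        low = s.lower()
        found.update(h for h in handles if h.lower() in low)
    return found


def build_pivot_graph(records):
    """Return (handle -> indicators, indicator -> handles) adjacency maps."""
    handles = known_handles(records)
    by_handle = defaultdict(set)
    by_indicator = {}
    for r in records:
        hs = handles_for(r, handles)
        by_indicator[r["value"]] = hs
        for h in hs:
            by_handle[h].add(r["value"])
    return by_handle, by_indicator


def cluster_from(seed, records):
    """Breadth-first walk: indicator -> its handles -> every indicator using them."""
    by_handle, by_indicator = build_pivot_graph(records)
    seen = {seed}
    queue = deque([seed])
    while queue:
        cur = queue.popleft()
        for h in by_indicator.get(cur, ()):
            for other in by_handle[h]:
                if other not in seen:
                    seen.add(other)
                    queue.append(other)
    return sorted(seen)


if __name__ == "__main__":
    for seed in ("example-update.invalid", "unrelated-news.invalid"):
        print(seed, "->", cluster_from(seed, RECORDS))
```

Seeding from `example-update.invalid` pulls in the second `opr_alpha` domain, both samples that embed `opr_alpha`, and, through the `opr_beta` string in the second sample, the `opr_beta` domain as well; the `someone_else` domain and the sample with no handle stay outside the cluster. In practice the handle list comes from WHOIS history, code-signing metadata and string dumps, and every link found this way is a lead to verify, not a conclusion.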

Hotel Chains Credit Cards Hacked

Not the first case for hotel chains not protecting guest records.

From HotelManagement: A U.S. appeals court said the Federal Trade Commission has authority to regulate corporate cyber security, and may pursue a lawsuit accusing hotel operator Wyndham Worldwide Corp of failing to properly safeguard consumers’ information.

The 3-0 decision by the 3rd U.S. Circuit Court of Appeals in Philadelphia on Monday upheld an April 2014 lower court ruling allowing the case to go forward. The FTC wants to hold Wyndham accountable for three breaches in 2008 and 2009 in which hackers broke into its computer system and stole credit card and other details from more than 619,000 consumers, leading to over $10.6 million in fraudulent charges.

The FTC originally sued Wyndham in 2012 over the lack of security that led to its massive hack. But before the case proceeded, Wyndham appealed to a higher court to dismiss it, arguing that the FTC didn’t have the authority to punish the hotel chain for its breach. The third circuit court’s new decision spells out that Wyndham’s breach is exactly the sort of “unfair or deceptive business practice” the FTC is empowered to stop, reports Wired.

BusinessInsider: In August, Visa alerted numerous financial institutions of a breach. Five different banks determined the commonality between the cards included in that alert was that they were used at Hilton properties — including Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts, Krebs reports.

Hilton Hotels investigates customer credit card security hack

FNC: Hilton Hotels announced that it is looking into a possible security breach that occurred at gift shops, restaurants, bars, and other stores located on Hilton owned properties across the U.S.

According to cyber-security expert Brian Krebs, Visa sent confidential alerts to several financial institutions warning of a security breach at various retail locations earlier this year, from April 21 to July 27. While the alerts named individual card numbers that had allegedly been compromised, per Visa’s policy the notifications did not name the breached retail location. But sources at five different banks have now determined that the hacks all had one thing in common: they occurred at Hilton property point-of-sale registers.

Currently, the breach does not appear to have compromised the guest reservation systems at the associated properties. The company released the following statement regarding the incident:

“Hilton Worldwide is strongly committed to protecting our customers’ credit card information. We have many systems in place and work with some of the top experts in the field to address data security. Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace. We take any potential issue very seriously, and we are looking into this matter.”

The breach includes other Hilton brand name properties including Embassy Suites, Doubletree, Hampton Inn and Suites, and Waldorf Astoria Hotels & Resorts. The hotel group is advising customers who may have made purchases at Hilton properties during the time indicated to carefully scan bank records for any unusual activity and contact their bank immediately.

According to USA Today, evidence from the investigation indicates that the hack may have affected credit card transactions as far back as Nov. 2014 and security breaches could possibly be ongoing.

Iran’s Busy Schedule in New York

Too busy in fact to attend Barack Obama’s opening United Nations General Assembly salvo, Iran is quite preoccupied.

Hassan Rouhani delivered his remarks and then left the chamber.

On the side, there are several meetings with Iran and one such provocative session is the Iranian proposal to swap 4 U.S. citizens held in prison for 19 Iranians the United States has jailed for violating sanctions.

There are still ongoing side discussions over the Iran deal, and many open items remain unresolved, as well as how the United Nations as a global body will address the human rights violations in Iran, if at all.

Rather than listen to the countless speeches on climate change, which Francois Hollande of France pushed hard, you can bet covert operations are in full swing following who is taking Iranian representatives to lunch, cocktails and dinner.

Lining up to do business with Iran is the order of the day for U.S. corporate CEOs.

Rouhani meets with American CEOs, seeks Iran investment

Iranian president says economic conditions created by nuke deal should be used by major firms; US companies currently banned from doing business with Tehran

TimesofIsrael: Iranian President Hassan Rouhani met on Saturday with a group of American CEOs and managers to discuss possibilities for future, private US investment in Iran once the nuclear deal signed in July is implemented and sanctions are lifted in exchange for Tehran curbing its nuclear activities.

The meeting came on the sidelines of the United Nations General Assembly in New York and a day after Rouhani met with a group of editors of American media outlets.

“The post-sanctions atmosphere has created new economic and political conditions which should be used by major trade, economic and industrial firms,” Rouhani told the group of American business leaders.

Following the signing of the nuclear agreement in Vienna in July, many European states rushed to renew trade relations with Iran with countries sending delegations to Tehran to discuss possibilities. European firms were also flocking to Tehran to sniff out lucrative business deals.

The US remains an exception as core sanctions imposed by Washington will remain even after the nuclear-related sanctions are lifted, meaning US companies would not be able to do business with Tehran.

These secondary sanctions are linked to US charges of Iranian human rights violations, terrorism and other allegations of wrongdoing. They have the effect of banning doing business with Iran, with only few exceptions, such as supplying parts for Iran’s civilian aviation sector.

But Rouhani expressed his conviction that these measures would also be lifted, according to the semi-official Fars news agency.

“Tehran has not impeded the presence of the US firms, and these companies can also use the competitive atmosphere resulting from the post-sanction conditions for investment and transferring technology to Iran,” Rouhani said at the meeting.

There is a lot to miss out on for US firms in Iran. The country of 80 million people generates a $400 billion economy, boasts the world’s fourth-largest oil reserves, the second-biggest stores of natural gas, and has well-established manufacturing and agricultural industries. It is also investing heavily in the tourism industry.

Rouhani was on a sort of charm offensive in New York ahead of his speech before the UNGA Monday. On Friday, he met with a group of US editors to discuss a series of topics including the nuclear deal, developments in the Mideast, US-Iran ties and investment in Iran.

Rouhani said that in the wake of the nuclear deal, a door has opened for foreign investment in Iran.

“I think there are great opportunities, unrivaled opportunities, for American investment in Iran,” if the US government permits, he said.

Rouhani said relations between the two countries had improved in recent years but that there was “still a long road to travel” until they establish normal ties.

The Iranian president said the opposition expressed by some US lawmakers on the Iranian nuclear deal reflected “extremely bitter extremist judgments,” and was not well-received in Iran.

“It was as if they were on another planet,” he said, according to Reuters. “They did not seem to know where Iran was.”

“The nuclear issue is a big test within the framework of issues between the United States and Iran,” Rouhani told the group. “If we can see that we can reach success…and both sides have contributed to that success in good faith, then perhaps we can build on that.”

Rouhani said implementation of the nuclear deal would improve the atmosphere to allow progress to be made.

He also said that Iran can play a constructive role in addressing the threat of the Islamic State group, which has seized control of large swaths of Syria and Iraq, and that world powers were wrong to try to keep Iran out of the discussions on how to deal with the threat.

Iran is “a powerful and effective country in the region, this is undeniable,” Rouhani said. Without Iranian intervention on the side of the Baghdad government at a crucial juncture last year, he said, the Islamic State might already have taken over all of Iraq.

“Had it not been for Iran’s help, Baghdad would have fallen and certainly Daesh would have been ruling in Baghdad,” he said.

Why No Search Warrant for Hillary’s Mobile Devices?

The revelation that Hillary had her own email server was a shocker. Then the forced and scheduled production of those emails was another shocker as they were produced. The Trey Gowdy House Benghazi Committee being stonewalled by the Clinton camp and by the State Department was another shocker as compared with Hillary’s own false pledges of cooperation. Several outside organizations have been forced to file FOIA requests and then were forced to file lawsuits for production of those FOIA requests. This is coupled with the subpoenas from the Gowdy commission.

We hear about the server and the emails, but to date, it seems any request for search warrants has been nil. We cannot overlook the fact that Hillary also had, and may still have, three mobile devices: a BlackBerry, an iPhone and an iPad. What about the electronic data on those devices, or the metadata trail, which could either back up the server data or add to the cache the FBI is investigating?

To date, the general conclusion is that the FBI is protecting Hillary at the behest of the Justice Department, which hardly seems to be the case. The FBI has assigned its ‘A’ team to this mission, and it has a multi-track objective that includes global cyber-espionage, hacking and a meticulous investigation to determine just how many laws were broken beyond the scope of the one or two prevailing violations of protecting classified material. It must be mentioned here that the FBI was also a recipient on the normal intelligence distribution list, so the FBI has its own record of transmissions that went to Hillary and other intelligence or national security personnel.

It would also be a good time to include the fact that the Chinese hacked the Office of Personnel Management and were able to capture the files of all security clearance holders, which included Hillary. The OPM hack is estimated to have occurred in June of 2014, a year or so after Hillary left her position as Secretary of State, but that date is an estimate. Further, the depth of the stolen electronic files is still being realized, and those numbers are growing exponentially. Were there other known foreign hacks the FBI has open case files on, beyond the OPM intrusion?

This is an important and perhaps a top concern for the FBI, the NSA and associated cyber agencies to determine other possible foreign hacks into Hillary’s electronic files and those of her inner circle personnel. This could in fact be the single reason why the White House or the Obama National Security Council has chosen to defer answers and comments on the Hillary server-gate scandal to either the Department of Justice or the FBI. There is a high probability of a deeper and more threatening security condition of classified material. There could be the likelihood of other cyber intrusions being investigated by the FBI that have not been made public for which Hillary and her team may have been victims.

Anyway, this is hardly a matter that will be solved soon, yet it is a sure bet that almost daily more will bubble to the surface. Meanwhile, Politico has published a fairly good summary as to why Hillary and her lawyers are white knuckled and in panic mode at this moment.

One also cannot omit the entire notion that violations on behalf of Hillary, Bill, Jake Sullivan, Huma Abedin, Cheryl Mills and others at the Clinton Foundation or at the State Department could add to the building nightmares for those mentioned or for the Hillary legal team headed by David Kendall. Mixing government business with a private and global foundation where big big money moved back and forth could be the cherry on the banana split for this building scandal.

Hillary’s FBI nightmare

If the feds have Clinton’s personal emails, too, some of them are bound to come out — exactly as she feared.

The next question in the Hillary Clinton email matter is who will force the FBI to release any documents it may have retrieved from the 2016 presidential candidate’s homemade server — Congress or the courts?

The answer: A federal judge may decide to get aggressive and order the law enforcement agency to turn over any newly discovered records or at least preserve them pending further court action. But don’t expect congressional subpoenas to fly — or FBI director James Comey to get hauled to Capitol Hill anytime soon.

Key congressional committees investigating Clinton’s emails argue that the courts are better suited to force the release of federal documents. One GOP source familiar with the investigations said a congressional committee could “theoretically subpoena the FBI” to demand the contents of Clinton’s server, but judges are likely to wade into the issue first.

“I think the court is better positioned right now because of where the cases are in litigation,” the source said.

Court action, however, depends on the aggressiveness of federal judges who are now managing more than 30 Freedom of Information Act cases involving emails on accounts maintained by Clinton or her top aides.

The FBI has already rebuffed one judge’s effort to obtain messages the agency has recovered from Clinton’s server, prompting a stinging attack from Iowa Sen. Chuck Grassley, the Republican chairman of the Senate Judiciary Committee.

On Wednesday, key members of Capitol Hill expressed reluctance to dive in after a report surfaced that the FBI has successfully retrieved messages left on Clinton’s server. The FBI declined to confirm the Bloomberg report Wednesday.

House Benghazi Committee Chairman Trey Gowdy — a former federal prosecutor — made clear through a spokesman that he has no intention to cross swords with the FBI.

“Chairman Gowdy has not asked the FBI about its investigation into Secretary Clinton’s unusual and unprecedented email arrangement, nor has the Bureau offered a briefing to the committee,” Benghazi panel spokesman Jamal Ware said.

“The chairman believes the FBI is the nation’s premier law enforcement agency and he is not willing to comment on its ongoing investigation into the mishandling of classified information in connection with Secretary Clinton’s server.”

Grassley said he was concerned by anonymous leaks cited in the Bloomberg story, noting that the FBI has not responded to congressional inquiries about the investigation.

“You know it is getting a little absurd when someone at the Justice Department is apparently leaking details to the press about an investigation that the department officially refuses to admit to Congress that it is conducting,” Grassley said.

“In light of the details reported in the media, the committee will be seeking more information about the State Department’s attempts to regain possession of the email records that should have remained at the State Department in the first place. The FBI should also provide clarity on how it will handle the emails now that they have been recovered from the server.”

Senate Homeland Security and Government Affairs Committee Chairman Ron Johnson (R-Wis.) said he was “hopeful” that the results of the FBI inquiry will be made public. He promised to press his own inquiry but offered no specifics.

Regardless of what Congress decides to do, Hillary Clinton’s decision to have a tech firm she hired turn the server over to the FBI last month at its request greatly raises the potential that messages she has claimed to be private will eventually make it into the public domain, lawyers tracking the case said. Clinton has said that she had tens of thousands of emails deleted after determining that they contained personal information, but now the FBI appears to have at least some of those in its possession.

“This is enormously significant,” said Dan Metcalfe, a former top Justice Department official handling disclosure issues. “It’s one thing for the bureau to have taken control of the server itself, and when you add to that their technical capabilities to glean information from it, if there is information there that transcends what [Clinton] furnished to State, I think the odds are exceedingly high that that at least some if not all of that information will ultimately enter the public domain.”

While State and the National Archives have determined that about 1,500 of the 30,000 emails Clinton turned over last December are entirely personal records, that determination won’t render those messages or others entirely and indefinitely off limits under the Freedom of Information Act if they turn up in the FBI’s files after being extracted from Clinton’s server, Metcalfe said.

“Those are no longer merely personal records,” said Metcalfe, a former director of Justice’s Office of Information & Privacy who now teaches law at American University. “Anything that the bureau pulls off that server, old messages, new messages, Hillary’s allegedly personal messages, Hillary’s admittedly official records is now an agency record of the bureau’s law enforcement activities.”

Metcalfe said those records could be withheld by the FBI, but once its investigation ends, the documents would have to be processed if requested. That could lead to messages State viewed as entirely personal being published at least in part, he added.

Meanwhile, action continues in the courts. On Monday, the FBI turned down U.S. District Court Judge Emmet Sullivan’s invitation to explain where its investigation stands. The response led Grassley to blast the FBI for “behaving like it’s above the law.”

Sullivan has not yet signaled what other steps he will take, if any. The plaintiff in the case, the conservative group Judicial Watch, could ask the judge to issue a subpoena to the FBI for relevant records. It would be an unusual step and likely lead to legal fireworks.

“A subpoena served upon the FBI will be resisted by the U.S. attorney’s office,” predicted former federal magistrate John Facciola.

At a hearing earlier this month in another case, U.S. District Court Judge Reggie Walton seemed uncomfortable with the idea that Clinton and her attorneys had the final call in determining that over 31,000 emails from her private account were purely personal.

“We’re not sure exactly what type of evaluation was made of that 31,000 messages,” the judge said.

Clinton’s lawyers have argued that government employees generally have the right to determine whether emails or other records are personal and delete them. The Justice Department backed Clinton — to a point — in a recent legal brief, while stopping short of saying that a former government employee such as Clinton has the right to independently make such a determination nearly two years after leaving the government.

Walton said the scenario that played out doesn’t really fit others the courts have previously addressed.

“This is sort of a unique situation,” the judge said. “The State Department never had possession of these records.”

Still, not all judges may be interested in delving into any Clinton files now in the possession of the FBI, particularly if it appears Congress is punting the issue to the courts.

“Congress has different and more powerful ways to obtain information from the State Department than a FOIA plaintiff,” Judge Rosemary Collyer wrote in an order Monday rejecting one group’s arguments that it needed prompt access to Clinton-related emails to aid Congress in getting to the bottom of the Benghazi attacks.

Another challenge for Congress is that it could be disturbing precedent by trying to bring in an outside party to verify that Clinton has turned over all her official emails or even those relevant to the Benghazi attacks. Usually, the recipient of a subpoena turns over what he or she deems responsive, not a broader set of records for someone else to review. “The way we’ve always had is a process of self-production,” Facciola said.

In cases involving search warrants for electronic records, courts have sometimes appointed magistrates to go through the records and sift out what law enforcement really needs. But the question these days is more often about how the computer that does the sorting should be programmed and who gets to decide that.

“That’s the real battle going on,” Facciola said. “Oftentimes, the technicians who create these programs don’t even agree on one methodology. … How do you separate the wheat from the chaff?”

OPM Hack, Lies Came First, Truth Creeps out Slowly

We are conditioned to hearing the lies first from the administration stemming from an event affecting the homeland security and the citizens within. It takes months, sometimes years for the truth to be known, and it must be said, suspicions still remain. Stinks huh?

Such is the case with the Office of Personnel Management hack that took place several months ago. The numbers and depth of the hack that are now being published are closer to the truth. The truth has no agenda, but achieving the whole truth takes enduring tenacity.

Unconfirmed chatter, but apparently during the diplomatic and business visit by China’s President Xi, Barack Obama will not address the hacking, except perhaps in a side meeting with lower-level staffers. The mission of the White House is to defer to corporations such as Boeing and Microsoft to take up the matter of hacking with China.

OPM Now Admits 5.6 Million Feds’ Fingerprints Were Stolen by Hackers

Wired, by Andy Greenberg: When hackers steal your password, you change it. When hackers steal your fingerprints, they’ve got an unchangeable credential that lets them spoof your identity for life. When they steal 5.6 million of those irrevocable biometric identifiers from U.S. federal employees—many with secret clearances—well, that’s very bad.

On Wednesday, the Office of Personnel Management admitted that the number of federal employees’ fingerprints compromised in the massive breach of its servers revealed over the summer has grown from 1.1 million to 5.6 million. OPM, which serves as a sort of human resources department for the federal government, didn’t respond to WIRED’s request for comment on who exactly those fingerprints belong to within the federal government. But OPM had previously confirmed that the data of 21.5 million federal employees was potentially compromised by the hack—which likely originated in China—and that those victims included intelligence and military employees with security clearances.

The revelation comes at a particularly ironic time: During the U.S. visit of Chinese president Xi Jinping, who said at a public appearance in Seattle that the Chinese government doesn’t condone hacking of U.S. targets, and pledged to partner with the U.S. to curb cybercrime.

“As part of the government’s ongoing work to notify individuals affected by the theft of background investigation records, the Office of Personnel Management and the Department of Defense have been analyzing impacted data to verify its quality and completeness,” reads OPM’s statement posted to its website. “During that process, OPM and [the Department of Defense] identified archived records containing additional fingerprint data not previously analyzed. Of the 21.5 million individuals whose Social Security Numbers and other sensitive information were impacted by the breach, the subset of individuals whose fingerprints have been stolen has increased from a total of approximately 1.1 million to approximately 5.6 million.”

OPM adds that it’s mailing letters to all affected victims, and notes that it’s also offering them free credit monitoring. But that identity theft protection, which cost $133 million in likely misspent tax dollars, doesn’t begin to address the national security implications of having the fingerprints of high-level federal officials in the hands of hackers who are potentially employed by a foreign government.

OPM downplayed the significance of that biometric breach in its statement, adding that “federal experts believe that, as of now, the ability to misuse fingerprint data is limited.” When WIRED asked about those limitations, however, an OPM spokesperson wrote only that “law enforcement and intelligence communities are best positioned to give the most fulsome answer.”

The agency’s statement does admit that hackers’ ability to exploit the stolen fingerprints “could change over time as technology evolves,” perhaps as more biometric authentication features are built into federal government security systems. And it says it’s assembled an interagency working group that includes officials from the Pentagon, FBI, DHS, and intelligence agencies to review the problem. “This group will also seek to develop potential ways to prevent such misuse,” the statement reads. “If, in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.”

The increased number of stolen fingerprints represents only the latest in a series of calamitous revelations from OPM about the hacker intrusion that led to the resignation of the agency’s director Katherine Archuleta in July. Aside from the 21.5 million social security numbers taken by attackers and the newly confessed 5.6 million fingerprints, the agency has also confirmed that hackers gained access to many victims’ SF-86 forms, security clearance questionnaires that include highly personal information such as previous drug use or extramarital affairs that could be used for blackmail.

“The American people have no reason to believe that they’ve heard the full story and every reason to believe that Washington assumes they are too stupid or preoccupied to care about cyber security,” Senator Ben Sasse wrote today in an email.

For the hackers who cracked OPM’s vault of highly private information, it’s the gift to foreign intelligence that keeps on giving.