The OPM “hack” and related matters

« As government officials answered questions about the recent Office of Personnel Management data breach, former and current congressional staffers processed the notices they are receiving from the agency that they, too, were affected by the breach. »

« A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project “was in Argentina and his co-worker was physically located in the [People’s Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is ‘so what’s new?’” »

So this week’s security tip is: If your Unix sysadmin is a Chinese national located in China with remote root access, you may just find that the Chinese government or Chinese hackers somehow manage to gain access to your data.


« President Obama and leaders from the National Security Agency (NSA), FBI, and Department of Homeland Security (DHS) have been pressuring the technology community to build “backdoors” that allow government access to encrypted data. »

Homeland Security, eh?

« As many as 390,000 current and former Homeland Security Department employees, contractors and job applicants may have had their private data compromised in a newly disclosed computer hack discovered last year. DHS spokesman S.Y. Lee said internal notices about the data breach discovered in September at KeyPoint Government Solutions Inc. were sent to employees starting April 27. KeyPoint is a company that provides background checks for security clearances for the federal government. The KeyPoint hack is separate from the hacks of the Office of Personnel Management attacks disclosed earlier this month. Notifications have taken longer for those outside the department. In a letter to one former job applicant dated June 5, the government advised that the data breach was “initially discovered in September.” »

So let me get this straight: The government wants backdoors to allow access to encrypted data by the organization that had all its security clearance data stolen last September, and which is only just notifying people now?