A former NSA official said that the latest data breaches on the Office of Personnel Management gave Chinese hackers the “crown jewels” of American intelligence.
Last week federal officials announced that Chinese hackers had gained access to over 4 million personal records for federal employees in December. A similar hack, exposing federal employees’ security background checks, was disclosed by the Obama administration on Friday.
“This is crown jewels material… a gold mine for foreign intelligence service,” said Joel Brenner, a former NSA senior counsel, Politico reported Friday.
The hackers are believed to have accessed data from Standard Form-86 documents, which include background details for federal employees like financial trouble, past convictions, drug use and close relationships with citizens of other countries.
Former intelligence officials said the SF-86 breach could have dire consequences for U.S. intelligence gathering and said that the hack would make it extremely difficult for anyone inside the database to ever work in a covert capacity.
“This is not the end of American human intelligence, but it’s a significant blow,” Mr. Brenner said, Politico reported.
Robert Caruso, a former Navy special security officer who has worked in security at the State and Defense departments said the database that the SF-86s are stored in could be combed for information from other top secret agencies as well. For example, Chinese agents could search the databased for instances when agents with NSA covers were in the same place at the same time and make reasonable deductions about what they were doing there, Politico reported.
Both Mr. Brenner and Mr. Caruso said that it is likely that clearance forms from the Defense Department and its related intelligence agencies, including NSA and the Defense Intelligence Agency, could be access through OPM. But they said it is less likely that CIA employee clearance forms were accessed because the CIA insists on managing its own database.
“CIA refuses to put its people’s information in with OPM, and of course they’re right” Mr. Brenner told Politico. He added that “any serious clandestine agency has to be in charge of its own personal information. Full stop.”