OPM says 5.6 million fingerprints stolen in biggest cyber attack in US history.


Recently, the Office of Personnel Management admitted that the number of federal employees' fingerprints compromised in the massive breach of its servers over the summer has grown from 1.1 million to a whopping 5.6 million. When hackers steal data such as passwords, you can change it. However, when they steal your fingerprints, they have a credential that never changes, which means they could use your identity indefinitely.

Commenting on this news, Ryan Wilk, director at behavioural biometrics firm, NuData Security said;

"Although usernames and passwords can be changed, and compromised cards replaced, victims of a breach need to understand that every bit of information exposed is becoming more critical by the day.

By combining the information stolen from these breaches, the hackers have the potential to piece together comprehensive user identities. One frightening example is the "Facebook of Everything" that China's intelligence service is compiling from the personal data stolen over several high-profile U.S. cyber breaches including OPM, and is being indexed by into a massive Facebook-like network to build a profile of with more details than Facebook.

In other words, they've now got a full database of information that could be used for multiple fraudulent and nefarious purposes into generations to come. They are able to use the stolen information and fingerprints to create more comprehensive 'identity bundles' which sell for a higher value to hackers. With more complete information, more damaging fraud can take place. As an example, if I'm a hacker and gain access to geographical data on John Smith from breach one, and bank account information from breach two, I can...

To continue reading