- By Richard Young
The US Government Office of Personnel Management boss, Katherine Archuleta, has resigned after a serious security breach the White House has confirmed.
In their statement the White House said more than 5.6 million fingerprint records were stolen from the Office of Personnel Management (OPM), this follows initial reports that 1.1 million records were compromised.
The OPM acts as the personnel office for the US government, responsible for the storage of records fro some 21.5 million federal government staff.
The attack saw the theft of identifications, fingerprints and security clearance information of the US Government staff, including details such as; social security numbers, names, addresses, personal health, financial details and biometric data.
The OPM tried to play down the significance of the hack stating that the ability to buse the data was “currently limited”, very reassuring. They did however, acknowledge the risk could increase as technology improved with fingerprints and biometrics increasingly used as a guarantee of identity. I know that to log on to my work station here at The International a fingerprint and facial recognition are both required.
“An inter-agency working group with expertise in this area.. will review the potential ways adversaries could misuse the data now and in the future.” the OPM said in their statement.
The FBI, Pentagon and Department of Homeland Security all form parts of the task force assessing how losing the data, especially biometric data may affect government personnel.
Security partners have reignited the long established debate on biometric data revocation. It is quite simple to set a new password or pin code, or even re-issue a card or fob, but it somewhat more difficult to obtain new eyes, fingers, DNA or a new voice or face. The majority of biometric security systems also still rely ultimately on a traditions security system as a back up should there be a bio-anomaly, such as scarification, surgery etc. or a need for emergency authorisation override.
Many US Security experts have jumped the gun and pointed the finger at China for the hack, for no other reason than President Xi Jinping is currently on a state visit to the USA to discuss cyber security with Presudent Obama. China has denied all allegations and the US offers no proof or evidence for such accusations.