WASHINGTON–The personal data of an estimated 18 million current, former and prospective employees of the federal government were affected by the cyber breach at the Office of Personnel Management, which is four times the initial 4.2-million individuals who were thought to be affected, the OPM is now reporting.
It is not known how the significant expansion in the number of records affected might affect employees and former employees of NCUA, which earlier acknowledged that its staff could be among those impacted. To date, the agency said it has no indications that those records are being used by cyber-thieves.
The 18 million estimate was provided to U.S. senators in a closed door briefing by FBI Director James Comey, according to a number of media outlets. Those affected could include people who applied for government jobs, but never actually ended up working for the government.
According to published reports, the same hackers who accessed OPM's data are believed to have last year breached an OPM contractor, KeyPoint Government Solutions, U.S. officials said. When the OPM breach was discovered in April, investigators found that KeyPoint security credentials were used to breach the OPM system.
A number of analysts have suggested the Chinese government is behind the attack.