-- The nation’s top intelligence official said today what other U.S. officials have so far been unwilling to say publicly: China is “the leading suspect” in the massive theft of sensitive U.S. government records.
Speaking at a forum in Washington, Director of National Intelligence James Clapper warned of the danger posed by a capable adversary like the Chinese government.
“You have to kind of salute the Chinese for what they did,” Clapper said.
At least 18 million people -- and potentially tens of millions more around the world, including relatives, friends and associates of those who had background checks conducted by the U.S. government -- may have had their personal information stolen when hackers broke into the systems of the Office of Personnel Management, authorities have said.
“The problem for us, frankly, is until such time as we can create both the substance and the psychology of deterrence, this is going to go on,” Clapper said.
He noted “unintended consequences and other related policy issues” need to be considered when the U.S. government decides how to respond.
The question of just how big the breach was now focuses on files associated with background investigations, particularly forms known as SF-86s.
The forms require applicants to provide personal information not only about themselves but also relatives, friends and “associates” spanning several years. The forms also ask applicants about past drug use, financial history, mental health history and personal relationships.
That type of information could be exploited to pressure or trick employees into further compromising their agencies, sources have told ABC News.
The threat to national security posed by the OPM breach “is significant,” a top lawmaker said Wednesday.
“Only the imagination limits what a foreign adversary could do with detailed information about a federal employee's education, career, health, family, friends, neighbors and personal habits,” said Rep. Jason Chaffetz, R-Utah, the chairman of the House Oversight and Government Reform Committee, which has now held two hearings on the matter.
“It’s blown up a lot of things: protection [and] security,” Rep. Tim Walberg, R-Michigan, said of the OPM breach. “It’s a Pearl Harbor.”
The attack began in late 2013, when hackers infiltrated the systems of a government contractor, KeyPoint Government Solutions, and stole the “credentials” of an employee working on an OPM project, according to two days of testimony on Capitol Hill.
Around the same time, hackers were able to access OPM systems and take documents detailing what OPM officials described as “the platform, the infrastructure” of the agency’s systems.
“The weak link in this case was KeyPoint,” said the House committee’s ranking member, Rep. Elijah Cummings, D-Maryland.
ABC News first reported more than a week ago that authorities suspected hackers may have extracted electronic credentials or other information from within KeyPoint's systems and somehow used them to unlock OPM's systems.
Eric Hess, CEO of KeyPoint Government Solutions, acknowledged during a hearing on Capitol Hill on Wednesday that a KeyPoint employee's log-in "credentials" were stolen, ultimately giving hackers "access to OPM."
For more than a year, the hackers rummaged undetected through various OPM systems -- all part of a suspected cyber-campaign out of China to collect information on federal workers inside the United States and others around the world, sources told ABC News.
At the Senate hearing today, the committee’s chairman, Sen. Ron Johnson, R-Wisconsin, called cyber-security measures by the U.S. government “grossly inadequate.”
OPM Director Katherine Archuleta, meanwhile, insisted that in her 18 months as head of OPM, the agency has “made significant progress.”
“But so have our adversaries,” she said.