The office is the repository of federal government personnel records, including social security numbers and documents known as SF-86s that contain personal information about people who apply for security clearances.
Counterintelligence officials for the past two years have reviewed the entire federal records archive, totaling 5 million gigabytes of data, and have begun assessing the damage to the breach. In April 2018, a senior counterintelligence official, Bill Evanina, refused to name China as the state behind the OPM hack.
But Evanina said of the damage assessment: “This is not a two-year issue; this is going to be 20 years in the making. This data is your most sensitive secrets that potentially an adversary is going to have in 20 years.”
The federal government sent notices to the millions of security clearance holders notifying them of the compromise of their personal data. The loss of the sensitive clearance records also includes information on the relatives of security clearance applicants because details about an applicant’s offspring are part of the application process.
The breach involved the extraction from OPM networks of an estimated 23 million records of federal workers, including those who were being evaluated for access to classified information. About 20 million records related to SF-86s were stolen.