The government of the United States has revealed that hackers who stole security clearance data on millions of federal employees under the Department of Defense and other agencies were able to obtain a total of 5.6 million fingerprint records, which is 4.5 million more compared to the initially reported figure.
The additional number of compromised fingerprint records was discovered in the ongoing joint investigation on the data breach between the Department of Defense and the Office of Personnel Management.
According to the OPM, however, the number of people affected by the hack remains at the number of 21.5 million government employees that was previously reported.
The hack was uncovered the past spring and compromised of security clearance records that date back several years. The additional details on the number of fingerprint records stolen also come right before a visit by Chinese President Xi Jinping to Washington.
Officials have been privately tagging the government of China as the perpetrators of the hack, but they are avoiding making the claim in public.
According to President Barack Obama, cybersecurity will be among the major topics in his discussions with Xi on Sept. 25 at the White House. The United States has previously demanded the Chinese government to stop its industrial cyberspace espionage.
There has been no evidence that the stolen data is being abused, with the agency downplaying any imminent danger due to the hacked fingerprint records as technology that can take advantage of the data is limited. However, the OPM said that as technology evolves, the risk over the stolen fingerprint records will grow.
The OPM said that a working group that has expertise in the area will be reviewing the possibilities of how fingerprint records can be misused, both presently and in the future. The group will involve members in the intelligence community, along with the Pentagon, the FBI and the Department of Homeland Security.
The agency added that if means would be developed in the future to abuse the stolen fingerprint records, the government of the United States will be providing additional information to the affected federal employees.
According to Republican Nebraska Sen. Ben Sasse, who has previously accused the current administration of not taking cybersecurity seriously, the announcement by the OPM revealed that officials were viewing the hack not as a threat to national security but as a public relations issue.
