Read How and Why the Office of Personnel Management (OPM) Got Hit With Maybe the Most Damaging Hack of All Time
As most everyone has heard by now, the Office of Personnel Management (OPM) data systems were hacked sometime during the last 18 months, and a whole lot of people's personal information was copied out. The estimates on how many "a whole lot" is have changed, and frankly I don't trust any government numbers, but OPM now says that it was "as many as" 14 million people.
When I say "personal information," by the way, I'm not just talking about Social Security numbers and names.
Some of the data exposed was from the background investigations of people with security clearances, collected with Standard Form 86. This form is nearly 150 pages long, and it collects everything -- where you've lived, where you've worked, who you know. For high-level clearances, it is then supplemented with a background investigation that looks at your credit and your potential police record, and that includes interviews with people whom you identified on the form and with other people who show up by being connected to those people.
The investigation is a beast. I had one in the early '80s, and I got phone calls for months asking if I knew the "FBI" was asking questions about me.
Usually when someone in the press has their hair on fire, I write about how the excitement is being exaggerated. But this time I can't: this hack is a real problem.
There are a number of articles out there about how serious it is; I'll let them explain it if you're interested, as I find it too depressing. Basically, the Chinese -- if it was the Chinese -- now have the name, address, phone number, Social Security number, bank account information, and personal history of everyone who has a current security clearance, and everyone who had such a clearance for a good long while into the past.
The real question to ask is how this happened. Reduced to its simplest terms, the issue with security -- computer or otherwise -- is simply this: make sure no one who isn't authorized to see some data is able to see the data.
Back in the days B.C. -- Before Computers -- this was managed in fairly simple ways. The information, on paper, was stored in safes and vaults, and people were cleared to see it. It always comes down to a question of trust: can a person who is responsible for keeping the secret reasonably believe they can safely allow someone else to see that information?
When computers got involved, the question of trust stayed almost the same. With computers, the question is: can the responsible person trust the computer system enough to delegate the authority to disclose the information and be confident no one is going to access that information who isn't authorized to see it?
I wrote about this quite a lot back when Ed Snowden was at the top of the news, so I'm going to resist the urge to repeat myself -- I'm not getting paid by the word here -- and instead urge you to read "L'affaire Snowden and (Computer) Security," where I go at some length into the whole structure of security classification. The point is that there is a very well-defined structure to how information is to be protected.
What you should do to build a system handling confidential data is to think out what the possible attacks are and build safeguards against them. What we got is something else, and even from public data, I can tell you why that is: because good computer security is an expensive pain in the ass.