Posted on 07/12/2015 12:37:06 AM PDT by Libloather
Contractors in Argentina and China were given "direct access to every row of data in every database" when they were hired by the Office of Personnel Management (OPM) to manage the personnel records of more than 14 million federal employees, a federal consultant told ArsTechnica.
The massive breach of OPM's database made public by the Obama administration this month prompted speculation over why the agency hadn't encrypted its systems, which contain the sensitive security clearance and background information for intelligence and military personnel.
Encryption, however, according to Ars, would not have helped in this case because administrators responsible for managing these records had root access to the system, Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment testified yesterday at a two-hour hearing before the House Oversight and Government Reform Committee.
(Excerpt) Read more at businessinsider.com ...
“...Contractors in Argentina and China were given “direct access to every ...”
You don’t think China has everything secret the US government has?? Obviously we are essentially handing it to them - a la Billy Clinton. After all, they own us with all the money they have given us in exchange for worthless bonds.
How many contracts has the Pentecost, now filled with Obama people, awarded to China?? And for doing what??
what damages have you personally been subject to that would justify a law suit?
I think your analogy is false
absent damages, real damages, I see no merit for a law suit
the fact some unknown now has the data does not mean that you personally were damaged. If they make a mortgage application or file an ammended tax return, there might be damages
Bush’s fault. Republican sequester’s fault. Not enough spending’s fault. Global warming’s fault.
Obama’s awesome awesomeness will protect us.
They probably required something more secure:
Pa$$w0rd
Capital and lower case, numbers and special characters. Looks like a strong password to me.
The way a class action settlement would work would be the attorney gets most of the money, the named plaintiffs get a little bit, and the class members get something essentially worthless.
Has anyone been fired for this?
“The password was 12345
At least they changed it from password.”
Dont worry. This time they got smart and changed it to “qwerty”
Dont need keys, password or a badge when the door is left wide open.
I think it is very likely that China and Russia have copies of the crown jewels of our intelligence databases. I think it is likely they have multiple active backdoors into key government databases to keep their database snapshots current. The backdoors are almost certainly augmented by redundant tiers of human agents.
The level of stupidity, incompetence, and danger in this matter is so great that one can only deal with it by ignoring it. That seems to be working for now as very few citizens know anything about this, much less care. Americans have been well conditioned to have a broad contempt for their country, after all.
Unfortunately, these are the sort of failures that result in lost wars. Every week we seem to be moving closer to war with one or both of our major adversaries.
Hey - That’s the combination on my LUGGAGE!
Idiots. Bribes were paid. I remember a defense company CIO who helped pimp incompetent US based outsourcing so he could attend conferences and get a few rounds of golf for free. Imagine what foreigners offered.
What’s stopping you from starting a class-action lawsuit?
They don't even realize that bringing that up is actually making it worse. Every one of those breaches that was discovered exposed one or more security weakness in those systems. Any competent security administrator should have been examining his own systems for those same vulnerabilities and getting them corrected once they were exposed and shown that they were actively being exploited.
How can we learn if our information was compromised?
Outsourcing government work to contractors in Argentina and China? Words fail.
It could have helped if the database tables were encrypted themselves.
Root access wouldn’t have helped them.
Not to be a smart-mouth, but they’ll be most interested for the time being in 20- and 30-somethings, and file those, uh, older for later use (after they’re no longer with us) to build false IDs; in Asians; skills with non-English languages; overseas assignments; some other criteria.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.