Back in Mid-April, the Office of Personnel Management in the US discovered a major security breach that had caused on the leaking of data on over 4.1 million employees.
The vast number of victims makes it the largest cyber-attack ever on the US.
Early investigations have indicated that China was heavily involved in the breach; however, that does still remain somewhat uncertain.
However, now a vendor has appeared claiming to have at least some of the OPM data and is looking to sell.
If you have been keeping up with the story, I’m sure you’ll realize just how significant this is.
However if not, the majority of the data leaked has to do with two separate forms, filled out by those looking for a higher level of security clearance, SF 85 and SF 86.
These are massive 127 page long forms, which hold extremely personal information about the person in question.
As Former counter-intelligence officer John Schindler has said, “Whoever now holds OPM’s records possesses something like the Holy Grail from a [counter-intelligence] perspective.
They can target Americans in their database for recruitment or influence.
After all, they know their vices, every last one — the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side perhaps with someone of a different gender than your normal partner — since all that is recorded in security clearance paperwork.”
However, many feared right from the start that the OPM data could go on sale on the Dark Web, leaving it open to terrorist groups that are known to look out for such goldmines.
Recently, a vendor operating under the pseudonym Ping has appeared claiming to be in possession of the OPM data and is willing to sell each data set for $10.
This price would make the entire haul worth over $140 million.
By all accounts the data held by Ping is been traded actively.
However, some question the vendor’s integrity, and wonder whether the data is in fact legitimate.
Vice Motherboard have said that the vendor is definitely not in possession of the leaked files; however, Vocativ claim he is.
I myself cannot say for certain who is right; however, whether or not the OPM data is for sale, the OPM has a lot to answer for allowing the OPM data breach to happen in the first place.
Latest posts by Richard (see all)
- Wide Range of Job Ads Available on the Dark Web - November 5, 2018
- Continuous Exploit of RDP Pushes FBI to Issue Warning to Potential Targets - October 29, 2018
- Ross Ulbricht’s Fifth Year in Jail - October 10, 2018