The Office of Personnel Management reported Wednesday that hackers that got a hold of security information from the department also obtained the fingerprints of 5.6 million federal employees.
The New York Times reports that the attack is attributed to China by American Intelligence. It is not clear who engineered the hack. Previously, the agency reported that only 1 million fingerprints were obtained, among 22 million other records.
In a statement, the agency said, “Federal experts believe that, as of now, the ability to misuse fingerprint data is limited.” Yet, more bio metric security measures are being implemented, both in government facilities, and personally.
The agency confirmed that a working group with help from the FBI, Department of Homeland Security, and other intelligence agencies would review how the obtained data could be used maliciously, now and in the future. The biggest concern is the personal information that can be obtained about agents and personnel. Information such as personal financial and relationship information could potentially be used as blackmail.
Currently, no compromised data has been used for any fraudulent financial purpose. Several officials have called for action, due to the scale of the attack. The data obtained was not exclusive to current federal employees, but also independent contractors and job applicants.
China’s president Xi Jinping will be visiting the U.S. Thursday to discuss matters of cyber-espionage with President Obama. The two are expected to announce future measures to limit cyberspace attacks, making it the first digital arms control agreement. Since the rules do not directly include limiting cyber-espionage, which both the U.S. and China engage in, the two are not expected to speak about the theft of the files.