Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

OPM: The worst hack of all time

Steven J. Vaughan-Nichols | June 30, 2015
Hi, my name is Steven J. Vaughan-Nichols and I had a security clearance in the 1980s. Because of that, my personal records are likely to have been revealed by the Office of Personnel Management hack.

Now, if China has all that information, it may not matter that much. Seriously, does Beijing care about my Social Security benefits? I doubt it.

But let's say I held a sensitive government position and had a cousin living in Hong Kong. Then it would be a different story. In that case, I could foresee getting a call from a burner mobile phone telling me that if I'd like to keep my cousin safe, I might want to share a little information with someone.

Let's say the hackers were run-of-the-mill crackers instead of a nation state. After all, a bright teenager could have broken into the OPM. If that's the case, what's to stop them from practicing identity theft on an epic level?

I'll tell you what: nothing. The feds tried -- and failed -- to set a credit and identity protection plan. Eventually, they'll get it right, but so what?

Ten percent of Americans may have had their identities permanently compromised. So, what are we going to do?

No one's talking about that yet. But here are some real possibilities: 1) Junk our current Social Security numbers. 2) Bring back the much-hated idea of a national ID card. Or 3) Reauthorize every last person whose ID has been revealed and give them new Social Security numbers.

Any way you cut it, fixing this is going to take a minimum of tens of billions of dollars. Frankly, I wouldn't be shocked if the bill ends up running into hundreds of billions. At the same time, no one is going to be happy with any of these solutions.

An ancient "ha-ha-but-actually-serious" computer joke goes, "To err is human, but to really foul things up, you need a computer." That joke has never been more serious.


Previous Page  1  2 

Sign up for MIS Asia eNewsletters.