Remember the good ol’ days when the OPM breach only affected 4 million people? Well, new reports estimate the attacks may have affected closer to 18 million.
That number includes current, former and prospective federal employees, as well as their families and friends, according to CNN. The news organization claims the numbers came from a briefing of Senators by FBI Director James Comey.
Additionally, the OPM hackers may have compromised the systems at the National Archives and Records Administration. In a sign that there is already some information sharing happening, NARA was able to spot indications of a hack after DHS published threat indicators related to the OPM hack. An investigator told Nextgov that NARA “found no evidence intruders obtained ‘administrative access,’ or took control, of systems, but files were found in places they did not belong.”
According to OPM agency head Katherine Archuleta, it is suspected that the hackers were able to gain access to OPM’s systems using stolen KeyPoint credentials. Archuleta told the Senate Appropriations subcommittee that “the adversary leveraged a compromised KeyPoint user credential to gain access to the OPM network.” KeyPoint Government Solutions is a federal government background check organization that was hacked last December.