Government investigators now believe that the data theft from the Office of Personnel Management computer systems compromised sensitive personal information of roughly 21.5 million people from both inside and outside the government, the government announced Thursday.
Of these, hackers obtained information from the security clearance applications — known as SF-86’s – of 19.7 million people.
Another 1.8 million were non-applicants comprised mostly of spouses and partners of applicants.
OPM had initially estimated the hackers obtained the files of 4 million people with information listed on the servers containing personnel data of current and former government employees.
House Oversight and Government Reform Committee Chairman Jason Chaffetz used the news to again call for President Barack Obama to remove OPM Director Katherine Archuleta and Chief Information Officer (CIO) Donna Seymour.
“Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries. Such incompetence is inexcusable,” Chaffetz, a Republican, said Thursday in a statement.
For their part, the top Democrat on the House intelligence committee said he was “deeply disturbed” by the breach, but Rep. Adam Schiff didn’t call on anyone to resign.
“I do not believe OPM was fully candid in its original briefing to the Committee and omitted key information about two distinct hacks and the breadth of the potential compromise,” Schiff said in a statement. “To the degree OPM has not been fully forthcoming with Congress or has sought to blame others for a lack of its own inadequate security, OPM has not inspired confidence in its ability to safeguard our networks and most sensitive databases.”
Last week, Director of National Intelligence James Clapper told CNN at an intelligence conference that China is the “leading suspect” in the OPM hack.
By Jim Sciutto, Chief National Security Correspondent