Government investigators now believe that the data theft from the Office of Personnel Management computer systems compromised sensitive personal information, including Social Security numbers, of roughly 21.5 million people from both inside and outside the government, the government announced Thursday.
Of these, hackers obtained information from the security clearance applications – known as SF-86’s - of 19.7 million people.
Another 1.8 million were non-applicants comprised mostly of spouses and partners of applicants.
OPM had initially estimated the hackers obtained the files of 4 million people with information listed on the servers containing personnel data of current and former government employees.
Republicans called on President Barack Obama to remove OPM Director Katherine Archuleta.
“It has taken this administration entirely too long to come to grips with the magnitude of this security breach – a breach that experts agree was entirely foreseeable. Americans who serve our country need to be able to trust that the government can keep their personal information safe and secure,” Boehner said in a statement.
House Oversight and Government Reform Committee Chairman Jason Chaffetz, in addition to firing Archuleta, also called for Obama to remove Archuleta and Chief Information Officer Donna Seymour.
“Their negligence has now put the personal and sensitive information of 21.5 million Americans into the hands of our adversaries. Such incompetence is inexcusable,” Chaffetz, a Republican, said Thursday in a statement.
Can Washington keep your data secure?
A senior administration official said Thursday that Obama’s views on Archuleta have not changed since June, when White House Press Secretary Josh Earnest said the President has “confidence that she is the right person for the job.”
For his part, the top Democrat on the House intelligence committee said he was “deeply disturbed” by the breach, but Rep. Adam Schiff didn’t call on anyone to resign.
“I do not believe OPM was fully candid in its original briefing to the Committee and omitted key information about two distinct hacks and the breadth of the potential compromise,” Schiff said in a statement. “To the degree OPM has not been fully forthcoming with Congress or has sought to blame others for a lack of its own adequate security, OPM has not inspired confidence in its ability to safeguard our networks and most sensitive databases.”
Last week, Director of National Intelligence James Clapper told CNN at an intelligence conference that China is the “leading suspect” in the OPM hack.