OPM fingerprint hack 5 times worse than previously thought

The hack of personal information from the Office of Personnel Management is easily the most underreported big story of the year, and a catastrophe that will directly affect our national security for years to come.

At first, the OPM admitted that a few million records had been exposed.  Then it become 14 million. Now it's up to 21 million federal employees, contractors, and, in many cases, their families. Social Security numbers, personal medical information, background checks – all have been exposed to the hackers, thought to work for the Chinese government.

The agency's original estimate was 1.1 million fingerprints.

This is extremely sensitive information that poses an immediate danger to American spies and undercover law enforcement agents.

As an OPM spokesman told CNNMoney in July: "It's across federal agencies. It's everybody."

Hackers now have a gigantic database of American government employee fingerprints that can be used to positively identify those employees.

Anyone with these records could check to see if a diplomat at a U.S. embassy is secretly an employee of an American intelligence agency.  That person could then be targeted for arrest or assassination.

That's particularly alarming, given that U.S. Intelligence Director James Clapper says China is the number-one suspect behind the hack.

China and the United States are major trade partners and – for the most part – allies.  But the world's two superpowers are also butting heads.

Both countries have a huge military buildup.  America is solidifying its influence in southeastern Asia, even as China – on the rise both politically and economically – is expanding its influence in Africa, South America, and the Pacific.

In a statement Wednesday, the personnel agency said experts from the Department of Homeland Security, the FBI, spy agencies, and the U.S. military are meeting to figure out "potential ways adversaries could misuse fingerprint data now and in the future."

One former CIA officer told CNNMoney he worries that details of his secret past is now in the hands of the Chinese government.

To a lesser extent, there's also a concern that 5.6 million people can no longer rely on their fingerprints as a security mechanism.  This is a problem, given that smartphones and buildings are increasingly using biometric scanners to grant access.

You can understand why the administration has tried to suppress the extent of the hack.  Why let the enemy know how successful he's been?  But with Congress demanding an accounting of what was lost, the bad news won't be kept hidden forever.

Some of our best people are likely to suffer as a result of OPM's stupidity and carelessness.  Stupid because they failed to update security, and careless because they weren't paying attention.  The hackers had access to our systems for months before the breach was finally discovered. 

The president is going to soft-pedal our concerns about hacking during his meetings with President Xi in the interest of maintaining our relations with China.  But the Chinese are directly challenging us in Asia, threatening our allies, and expanding their power.  Inevitably, our relationship will change.  And when that happens, China will already have a leg up in knowing a lot more about our people than we know about theirs.

The hack of personal information from the Office of Personnel Management is easily the most underreported big story of the year, and a catastrophe that will directly affect our national security for years to come.

At first, the OPM admitted that a few million records had been exposed.  Then it become 14 million. Now it's up to 21 million federal employees, contractors, and, in many cases, their families. Social Security numbers, personal medical information, background checks – all have been exposed to the hackers, thought to work for the Chinese government.

The agency's original estimate was 1.1 million fingerprints.

This is extremely sensitive information that poses an immediate danger to American spies and undercover law enforcement agents.

As an OPM spokesman told CNNMoney in July: "It's across federal agencies. It's everybody."

Hackers now have a gigantic database of American government employee fingerprints that can be used to positively identify those employees.

Anyone with these records could check to see if a diplomat at a U.S. embassy is secretly an employee of an American intelligence agency.  That person could then be targeted for arrest or assassination.

That's particularly alarming, given that U.S. Intelligence Director James Clapper says China is the number-one suspect behind the hack.

China and the United States are major trade partners and – for the most part – allies.  But the world's two superpowers are also butting heads.

Both countries have a huge military buildup.  America is solidifying its influence in southeastern Asia, even as China – on the rise both politically and economically – is expanding its influence in Africa, South America, and the Pacific.

In a statement Wednesday, the personnel agency said experts from the Department of Homeland Security, the FBI, spy agencies, and the U.S. military are meeting to figure out "potential ways adversaries could misuse fingerprint data now and in the future."

One former CIA officer told CNNMoney he worries that details of his secret past is now in the hands of the Chinese government.

To a lesser extent, there's also a concern that 5.6 million people can no longer rely on their fingerprints as a security mechanism.  This is a problem, given that smartphones and buildings are increasingly using biometric scanners to grant access.

You can understand why the administration has tried to suppress the extent of the hack.  Why let the enemy know how successful he's been?  But with Congress demanding an accounting of what was lost, the bad news won't be kept hidden forever.

Some of our best people are likely to suffer as a result of OPM's stupidity and carelessness.  Stupid because they failed to update security, and careless because they weren't paying attention.  The hackers had access to our systems for months before the breach was finally discovered. 

The president is going to soft-pedal our concerns about hacking during his meetings with President Xi in the interest of maintaining our relations with China.  But the Chinese are directly challenging us in Asia, threatening our allies, and expanding their power.  Inevitably, our relationship will change.  And when that happens, China will already have a leg up in knowing a lot more about our people than we know about theirs.