It looks like the major media are lightly stepping over the recent revelation that Chinese hackers have been rooting around in the Office of Personnel Management's files for over a year. For those that don't know what the Office of Personnel Management is, here is a brief summary:
OPM controls thousands of agents who go forth and investigate the background information provided by all employees of the United States who require a National Security Clearance in order to work for the U.S. Government. That includes all military officers and most enlisted personnel. It includes most State Department employees and Foreign Service Officers and it includes almost all of the bureaucrats working in every other job. For instance, CIA, NSA, DIA, Secret Service personnel require security clearances and background investigations as do all FBI agents and all the other agents one can think of.
OPM's databases are online and include completed copies of this form. Go ahead and look. You know you want to see how bad it is knowing that these are not only compromised but almost certainly include the OPM agent's report of investigation and notes which are used to limit or deny clearances and deny access.
I won't be surprised to learn that all of those who completed the paperwork for Special Background Investigations are clearly denoted and their access described in fuller detail. You know, the people who require Q clearances or access to Restricted or Formerly Restricted Data. It probably even has clues for who was investigated or reinvestigated as access requirements ballooned and moved beyond Top Secret.
The terrible thing about OPM is that they were quick off the ball a decade ago and required all submissions of form SF 86 to be made electronically. ie, all of us squirted our personal information directly into OPM's computers because they refused to accept paper submission of SF 86's after 2005.
I think every single person involved in this fiasco at OPM must be fired and horsewhipped and then deported to Iran. Where was their Information Vulnerability Assessment? Where was their cyber security? Why wasn't the data encrypted given how insanely valuable it could be to an up and coming superpower? This catastrophe ranks up there with Hanssen, Ames and Walker for the damage it has caused and will cause going downstream.
This won't be solved by firing the #1 bureaucrat. This requires the wholesale demotion and firing of every person involved in safeguarding the information they acquired and retained in the leaky sieve laughingly known as the security database.