I was wondering when we would start hearing about the consequences of the massive Office of Personnel Management data breach back in 2014. Well, that particular shoe now appears to be dropping:
Some current and former federal government employees are taking a look at their credit activity after the Justice Department said this week that data stolen by suspected Chinese hackers in 2014 cyberattacks at the Office of Personnel Management may have been used to commit identity fraud.
Federal prosecutors on Monday said a Maryland couple had pleaded guilty to using information stolen in the OPM breach to set up fraudulent car-loan applications with a Newport News, Va., credit union.
Disclosure of the car-loan scheme, which took place in 2015 and 2016, has prompted new worries of potential identity theft for the more than 21 million current and former federal employees and contractors affected by the breach, which exposed Social Security numbers, addresses and other sensitive information, in addition to 5.6 million fingerprints. […]
Current and former U.S. officials familiar with the OPM breach said it wasn’t clear how the hacked files would have ended up in the hands of people in Maryland seeking to commit identity fraud. China has denied any involvement in the hack.
“This fraud case makes no sense,” said one former federal investigator who worked on the OPM investigation.
The use of stolen data to wreak havoc on individuals’ lives could become a very “disruptive” form of cross-border psychological warfare.