Government records stolen in a sweeping data breach that was reported last week are popping up for sale on the so-called "darknet," according to a tech firm that monitors the private online network used by criminals and creeps throughout the world.
Credentials to log into the Office of Personnel Management are being offered just days after the announcement the agency's records, including extremely personal information of 4.1 million federal government employees dating back to the 1980s, had been compromised, said Chris Roberts, founder and CTO of the Colorado-based OneWorldLabs (OWL), a search engine that checks the darknet daily for data that could compromise security for its corporate and government clients, including government IDs and passwords.
" ... the credentials and identities have been discovered online and are being traded actively.”
- Chris Roberts, OWL
“The recent OPM breach was identified, noted and the credentials and identities have been discovered online and are being traded actively,” said Roberts, who has been a consultant to a number of government agencies, but is currently at odds with the FBI over his reports, first published in Fox News, detailing the vulnerabilities of commercial airlines to cyber hacking. The FBI accused Roberts of hacking a commercial airplane, while Roberts claims he was simply trying to warn the government and industry of vulnerabilities.
“When these accounts are posted on the darker side of the net, they are usually ‘live’ and are part of a larger breach,” Roberts added. “They are typically parsed out and sold and distributed to interested parties, something OWL tracks.”
The darknet, the seedy underbelly of the Internet that search engines don’t plumb and only people with certain software can access, is a digital bazaar where everything from new identities, to a life-saving kidney, to credit card numbers and even the murder for hire, are for sale.
In addition to data from the OPM breach, Roberts said a new OWL search has uncovered another 9,500 government log-in credentials stolen this week from a variety of county, state and federal agencies across the nation, for everything from the Obamacare site, Healthcare.gov, the Internal Revenue Service, the U.S. Census Bureau, and U.S. Court System to the Child Support agency and Unemployment Agency in Ohio.
Roberts sent a report to the FBI Tuesday, as soon as OWL discovered the data, because the information being sold could lead to more extensive government data breaches.
The frequent hacking of government databases – and the ease with which hackers can obtain log on credentials on the darknet -- is having a tremendous impact on Americans across the nation and could impact our national security, experts said.
Former Counterintelligence Officer John Schindler believes the damage from the Office of Personnel Management’s data breach alone cannot be undone, in part because the agency conducts background investigations for security clearance holders across many federal agencies.
“Whoever now holds OPM’s records possesses something like the Holy Grail from a [counter-intelligence] perspective," Schindler wrote on his blog, The XX Committee. "They can target Americans in their database for recruitment or influence. After all, they know their vices, every last one — the gambling habit, the inability to pay bills on time, the spats with former spouses, the taste for something sexual on the side perhaps with someone of a different gender than your normal partner — since all that is recorded in security clearance paperwork.”
China is suspected of orchestrating the OPM cyber theft, Sen. Susan Collins, R-Maine, a member of the Senate Intelligence Committee, told The Associated Press.
President Obama said this week, and likely now has the personnel records of federal workers dating back to 1985.
It’s not just secret information employees wouldn’t want public, like romantic relationships, college drug habits, other proclivities and comments friends and neighbors made to investigators conducting background checks, in the other side’s possession now that makes this truly disastrous, Schindler warned.
“Perhaps the most damaging aspect of this is not merely that four million people are vulnerable to compromise, through no fault of their own, but that the other side now so dominates the information battlespace that it can halt actions against them,” Schindler said. “If they get word that a American counterintelligence officer, in some agency, is on the trail of one of their agents, they can pull out the stops and create mayhem for him or her: run up debts falsely - they have all the relevant data, perhaps plant dirty money in bank accounts -they have all the financials too, and thereby cause any curious officials to lose their security clearances. Since that is what would happen.”
It really doesn’t get much worse than this, Schindler said.
“For our Intelligence Community to get hit by this and the Snowden debacle within two years speaks to systemic failure, not ‘oversights’ and ‘mistakes’ any longer,” Schindler said. “We’re not serious about stemming foreign espionage, and now that neglect has caused serious pain that will last decades. Some of the damage may not be repairable, ever.”