Dive Brief:

• Just a day before the arrival of President Xi Jinping of China for a meeting with President Obama that will be focused heavily on limiting cyberespionage, the Office of Personnel Management said Wednesday that the hackers who stole security dossiers from the agency also got the fingerprints of 5.6 million federal employees, the New York Times reported.
• The attack on the agency has been attributed to China by American intelligence agencies, but it is unclear exactly what group or organization engineered it, according to the Times.
• Before Wednesday, the agency had said that it lost only 1.1 million sets of fingerprints among the more than 22 million individuals whose records were compromised, the Times reported.

Dive Insight:

“Federal experts believe that, as of now, the ability to misuse fingerprint data is limited,” the agency said in a written statement. But in today's world, biometrics are used with increasing frequently as a security measure, including on personal devices, the Times said.

One of the biggest concerns about the breach has been that China, or any other nations given access to the data, could use it to identify intelligence agents, defense personnel or government contractors, the Times noted. Other data could be used for blackmail.

But in testimony to a House committee recently, intelligence officials said they had seen no evidence that the data lifted from the Office of Personnel Management had been used for any financial purpose, like gaining access to bank accounts or credit cards.

While the OPM is not in the private business sector, this breach reminds HR leaders that protecting worker data remains a critical issue.