The fingerprint records of about 5.6 million current and former federal workers, contractors and job applicants were stolen in the breach of the U.S. Office of Personnel Management’s computer system, up from an initial estimate of 1.1 million, the agency said Wednesday.
The breach is significant because fingerprints are increasingly being used by government agencies, corporations and consumers for access to computers, buildings and other devices.
“Federal experts believe that, as of now, the ability to misuse fingerprint data is limited,” Samuel Schumach, a spokesman for OPM, which is the federal government’s jobs agency, said in a statement. “However, this probability could change over time as technology evolves.”
U.S. officials and private cybersecurity experts believe the OPM breach, which compromised data on 21.5 million individuals, was carried out by the Chinese government. The announcement Wednesday comes as Chinese President Xi Jinping is in the U.S. and plans to hold a summit with President Barack Obama on Friday. Cybersecurity is one of the top items that will be discussed.
The announcement doesn’t increase the estimate that the hack compromised sensitive information and Social Security numbers of 21.5 million individuals, some of whom were screened for U.S. government security clearances. OPM said an interagency team will continue to analyze the data as it prepares to mail notification letters to those impacted.