News came, when else, late on Friday that the Chinese attack on the Office of Personnel Management (OPM) were even worse than previously thought.
Not only was the personal information of every government employee stolen in the attack but the Chinese hackers gained access to the sensitive background information submitted by intelligence and military personnel for security clearances.
The stolen forms, known as Standard Form 86, detail deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also list the contacts and relatives of employees, exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of his or her cohabitant is further listed on the detailed form.
This confirms a vague statement issued by the White House on June 8, that there was "a high degree of confidence that ... systems containing information related to the background investigations of current, former and prospective federal government employees, and those for whom a federal background investigation was conducted, may have been exfiltrated."
"This tells the Chinese the identities of almost everybody who has got a United States security clearance," said Joel Brenner, a former top intelligence official. "That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That's a gold mine. It helps you approach and recruit spies."
While the OPM didn't comment, the latest admission flies in the face of statements issued by OPM that have consistently said there was no evidence that security clearance information had been compromised.
The White House statement said the hack of the security clearance database is separate from the breach of federal personnel data announced last week, though it is within the same agency.
The previous breach is itself appearing far worse than first believed, with over 4.1 million federal employee records stolen.
In short, China now knows the identity of every single U.S. security clearance holder - and what makes them tick.