Sensitive information gathered in the background checks of current, former and prospective federal employees may have been compromised in hacks, the Office of Personnel Management said Friday.
An investigation by the Department of Homeland Security and the FBI found "there was a high degree of confidence" that information from background checks was revealed. Officials shared that information with federal agencies on Monday and it was made public Friday.
Two people who've been briefed on the investigation say information on as many as 14 million civilian employees, dating back to the 1980s, was compromised. There are about 2.6 million executive branch civilians, so the majority of the records would relate to former employees.
A government workers' union claimed on Thursday that hackers stole personnel data and Social Security numbers for every federal employee, as NBC Washington reported.
Sen. Harry Reid, said on the Senate floor that a hack into OPM data was carried out by "the Chinese," without specifying whether he meant the Chinese government or individuals. Reid is one of eight lawmakers briefed on the most secret intelligence information. U.S. officials have declined to publicly blame China, which has denied involvement.
J. David Cox, president of the American Federation of Government Employees, said in a letter to OPM director Katherine Archuleta that based on the incomplete information the union received from OPM, "We believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees."
OPM assured current, past and prospective federal employees that the office is working to protect their safety.
Local
Washington, D.C., Maryland and Virginia local news, events and information
"OPM takes very seriously its responsibility to protect the sensitive data we manage," spokesman Sam Schumach said in a statement. "Once we have conclusive information about the breach, we will announce a notification plan for individuals whose information is determined to have been compromised."
Outside experts are pointing to the breach as a blistering indictment of the U.S. government's ability to secure its own data -- two years after a National Security Agency contractor, Edward Snowden, was able to steal tens of thousands of the agency's most sensitive documents.
The Associated Press contributed to this report.