Federal background checks, after all, are meant to suss out information that might be used by foreign enemies to blackmail a government staffer into turning over classified information. And that stolen information could be used for exactly that extortion purpose, says Chris Eng, a former NSA staffer and now VP of research at the security firm Veracode. If the breached background check information goes beyond the SF-86 form, it could even include detailed personal profiles obtained through polygraph tests, in which employees are asked to confess law breaking and sexual history. ”They write it all down and it goes into your file. If OPM had any of that stuff, it could be super damaging. You’d know exactly who to go after, who to blackmail,” Eng says. “It could be very damaging from a counterintelligence and national security standpoint.”
There’s another concern even beyond that blackmail risk. SF-86 forms can include a list of foreign contacts with whom a worker has come in contact. Diplomats and other workers with access to classified information are required—depending on their job—to provide a list of these contacts. There is concern that if the Chinese government got hold of lists containing the names of Chinese nationals who had been in touch with US government workers, this could be used to blackmail or punish them if they had been secretive about the contact.
Join the conversation as a VIP Member