Chinese citizen had root access to OPM database

Political discussion here. Any reasonable opinion is welcome, but due to the sensitive nature of the topic area, please be nice and respectful to others. No flaming or trolling, please. And please keep political commentary out of the other board areas and confine it to this area. Thanks!
Post Reply
User avatar
Dan H
Posts: 892
Joined: Thu Jul 24, 2014 12:10 pm

Chinese citizen had root access to OPM database

Post by Dan H » Wed Jun 17, 2015 4:45 pm

It's enough to drive one to drink.

Some of the contractors that have helped OPM with managing internal data have had security issues of their own—including potentially giving foreign governments direct access to data long before the recent reported breaches. A consultant who did some work with a company contracted by OPM to manage personnel records for a number of agencies told Ars that he found the Unix systems administrator for the project "was in Argentina and his co-worker was physically located in the [People's Republic of China]. Both had direct access to every row of data in every database: they were root. Another team that worked with these databases had at its head two team members with PRC passports. I know that because I challenged them personally and revoked their privileges. From my perspective, OPM compromised this information more than three years ago and my take on the current breach is 'so what's new?'"

http://arstechnica.com/security/2015/06 ... -official/

Top men, Dr. Jones. Top. Men. :lol:

Post Reply