The government hack believed to be the biggest in U.S. history just got worse.
The Office of Personnel Management said Wednesday it underestimated the number of people whose fingerprints were stolen in a data breach that officials said originated in China. The federal agency said 5.6 million people’s fingerprints were compromised—not 1.1 million, as previously thought.
OPM, along with the Department of Defense, has spent the summer notifying millions of current and former government employees affected by the breach. During this process, OPM said the agencies “identified archived records containing additional fingerprint data not previously analyzed.”
OPM is the federal government’s human resources department, and has the task of conducting background checks for security clearances. The breach occurred in December 2014 and was made public in early June. Back then, the Obama administration estimated that security clearance data—including fingerprints, Social Security numbers, addresses, employment history, and financial records—of 4 million people was exposed. In July, the administration revised that estimate to 21.5 million after a second intrusion was detected. OPM Director Katherine Archuleta resigned soon after.