The hack on the personal data of a 4.2 million current and past federal employees just increased fourfold. Although the Office of Personnel Management is so far keeping to the original figure, briefed US officials say that 18 million people were actually affected, and that number is expected to get even bigger, CNN reports. The sources say FBI chief James Comey spilled the new estimate recently in a closed-door session with senators, though a source tells ABC News that these are "very raw numbers" and that "many forensic steps" are still being taken. Even people who applied for federal jobs and didn't get them could be at risk, per CNN. The number is expected to grow because a database was hacked that stored security clearance forms, which contained personal info of family members and associates of government officials.
OPM officials are now feeling the pressure. Internal auditors told the House Oversight Committee last week that important databases with sensitive national security info hadn't been adequately protected, and the head of the OPM has been criticized for being slow to provide relevant info, CNN notes. Another sore point has been that investigators believe the hackers were the same ones that infiltrated OPM contractor KeyPoint Government Solutions last year—and that it was KeyPoint credentials used to break into the OPM files. Meanwhile, Ars Technica worries the OPM breach is related to other major hacks, and that the hackers are pulling all this info together into what will eventually become "a LinkedIn for spies, providing a foreign intelligence organization with a way to find individuals with the right job titles, the right connections, and traits that might make them more susceptible to recruitment or compromise." (Those really into cyber-espionage should read Ars Technica's full piece.)