Man Charged in First Use of Hacked OPM Federal Employee Data

Tech news website Fifth Domain has flagged “what appears to be the first illicit use of federal employee data that was swiped by suspected Chinese hackers in 2015, creating a cloud of mystery that has sparked the attention of members of Congress.”

The story involved the fraudulent use of a former federal employee’s identity by Marlon McKnight. In December of 2015, McKnight used the employee’s information to open a bank account, savings account, and to take out a vehicle loan at Langley Federal Credit Union in Langley, Virginia.

McKnight “pled guilty June 11 to identity theft and bank fraud using stolen information from a 2015 hack on the U.S. Office of Personnel Management.”

The OPM hack represents one of the largest data breaches in modern history, impacting more than 21 million active and retired federal employees. That number has grown sizably from the initial estimates offered when the data breach was initially announced.

As Fifth Domain’s Justin Lynch notes, federal authorities also suggested the data breach would not personally impact those whose data had leaked, citing a 2015 letter from Senator Mark Warner that said “there was not a risk of domestic use of this information for criminal or fraudulent purposes.” Warner has noted McKnight’s story “calls this assumption into question,” criticizing what he considers a shortage of information from OPM and the U.S. Department of Justice.

Last week, Congressman Gerry Connolly (D-VA) sent a letter urging the release of more information.

“I believe further details about how the defendants obtained the (stolen data) could be useful for the purposes of protecting victims of the breach from further criminal activity,” Connolly wrote.