If you’ve seen the news lately, you’ve undoubtedly heard that someone hacked into the federal government’s Office of Personal Management. Over four million employee records were compromised, including information like Social Security numbers, birth dates, addresses and training records. The hack has been traced by to China. So why would China want information typically found in someone’s personnel file?
The revelation here is two-fold. First, stealing credit card numbers is considered petty theft in the cyber-world. China doesn’t need or want anyone’s bank account. Serious hackers don’t steal credit card information anymore. Professional hackers go after PII (personally identifiable information). PII is extremely valuable, especially if hackers want to target specific individuals. Using PII, hackers can build a profile of their victims, using the information to extort or blackmail them into doing something sinister. If that sounds familiar, you’ve probably read my book The Quantum Breach, where I describe in full detail how hackers use PII to social engineer their victims.