This could be one of the potentially worst parts of the Office of Personnel Management hack affecting 21.5 million people. Whoever has this information -- U.S. intelligence thinks it's likely China -- could use the stolen fingerprints to better spy on America.
"It's across federal agencies. It's everybody," an OPM spokesman told CNNMoney on Friday.
In a Mission Impossible-type scenario, the thieves could create physical copies using latex or similar materials, then break into the fingerprint-locked devices of U.S. diplomats and government agents. This would expose secret conversations, disrupt investigations or poison international negotiations.
And potentially worse, these stolen records could unmask undercover investigators masquerading as other people.
"They're completely compromised," said biometrics expert Ramesh Kesanupalli. "A secret agent's name might be different. But they'll know who you are because your fingerprint is there. You'll be outed immediately."
Kesanupalli has given fingerprints a lot of thought. He created something called the FIDO protocol, a safe way to use the human body to unlock devices. And now he wonders if this collection of 1.1 million stolen fingerprints will end up on the black market. It would create a brand new type of trafficked stolen good: biometrics.
That's worse than exposed Social Security numbers. Those can be replaced.
"It's not like they have someone's password. Fingerprints are data that doesn't change. They'll never change. Twenty years from now, this will still be useful," said Robert M. Lee, co-founder of cybersecurity software maker Dragos Security. Read more at CNN,,,,
Protect yourself and your identity with IDShield.