This summer has already seen two major breaches of federal-government databases, leading to U.S. officials pointing fingers at China both times. In total, the two separate attacks compromised the personal data from approximately 25.7 million people, ranging from federal employees to the people they serve. Two months later, none of those people affected by the databank breach have been notified.
As a result of this breach, two important questions are raised concerning such digitized files: How safe are our identities, and how resilient are our defense mechanisms against such breaches?
The advent of the Social Security number was part of the FDR rebuliding of Great Depression America, which ultimately led to the seminal numerical equivalent to citizenship in the country. Next was a trend to track membership in many institutions through similar fashions, such as in health care, education, and employment.
Political scientist James Scott identifies in his book Seeing Like a State that these installations are methods by the state to create legibility among its populace. These range from the simple standardization of units of measurement, such as height or age to more abstract notions, such as health care or credit-card information. The files assist tracking an individual’s movement, both physically and within the realm of federal institutions. However, installing identification systems originated in a bygone era, yet, they have continued into the modern era.
The digitization of these types of files, from Social Security to Medicare to addresses, has resulted in the consolidation of this information into large data files. Subsequently, a breach into one hub easily compromises the vital information to an individual’s federal identity, as evidenced by the most recent breaches.
These types of breaches go back to numerous high-profile cases in the past decade, in which the databases from Sony in 2014 and 2011 to Target in 2013 forced individuals to track any potential fraudulent activity. The frenzy resulted in an overhaul of credit information in those companies. Furthermore, the Heartbleed bug, disclosed in 2014, was identified as a fatal threat to individual’s password codes and username information that could compromise accounts of websites, such as PayPal or Amazon.
With such vital information housed in penetrable hubs, where malicious hackers can (relatively easily it seems) access said numbers, the digitization of such sensitive data further compromises the safety of civilian identities.
Breached information in the dangerous hands of criminals or contentious countries poses the largest threat in hacked databanks. The aftermath allows the criminal to leverage further data as well as exposing exploitable points of hubs.
Federal institutions are not the only target of such attacks. Last week, UCLA Health revealed a cyberattack resulting in up to 4.5 million people’s personal information at risk of compromise. Health-care institutions hold some of the most sensitive and vital forms of identification.
Additionally, education centers, such as the UI, can also be considered a prime target in trying to access an individual’s vital data, such as Social Security and FAFSA information as well as credit and address information.
What Scott describes as legibility measures enacted by the state may translate easily into our digitized world, but the consolidation of such information creates one of the largest risks to the people the government represents.