Comment by bandrami
2 days ago
I remember when they leaked a million SF-86s. You know, the form we fill out with a ton of highly personal information so they can decide if we can be trusted with sensitive data.
2 days ago
I remember when they leaked a million SF-86s. You know, the form we fill out with a ton of highly personal information so they can decide if we can be trusted with sensitive data.
That wasn't a leak, it was a breach (perpetrated by Chinese state security).
with a breach, the data ends up in one group's hand but a leak means everyone gets access. Which would you rather have?
I think logically you'd want the former. with a leak the group will get their hands on it anyways, might as well try to limit reach
Wasn't that OPM, not CISA?
Yes, multiple times IIRC (my "they" was more general than a specific agency)
CISA, however, was the administration whose head was caught using an unauthorized commercially-hosted LLM for government data a few months ago:
https://cyberpress.org/cisa-public-chatgpt/
Yeah, that was OPM...twice.