15 http://krebsonsecurity.com/tag/opm-breach/
Case in Point: "Trusted ≠ Trustworthy"
The U.S. Government's Office of Personnel Management (OPM) breach
15
showed why the distinction between trust and trustworthiness is so
important to information security. In the event, records containing
sensitive personal information were breached. While very, very bad, this by
itself was not so different from many other breaches.
What made OPM much worse is that it's a system trusted by some of the
most critical U.S. security organizations. Once that system was broken,
a whole ra of other operations was impacted. The single biggest
difference in a breach of this kind is that foundation-level dependency
on a trusted system means that once breached, there is a cascade effect
across the system.
