When the Administration disclosed the OPM hack in early June, they said Chinese hackers had stolen the personal information of up to four million current and former federal employees. The suspicion was that this was another case of hackers (presumably sanctioned by China’s government) stealing data to use in identity theft and financial fraud. Which is bad enough.

Yet in recent days Obama officials have quietly acknowledged to Congress that the hack was far bigger, and far more devastating. It appears OPM was subject to two breaches of its system in mid-to-late 2014, and the hackers appear to have made off with millions of security-clearance background check files.

These include reports on Americans who work for, did work for, or attempted to work for the Administration, the military and intelligence agencies. They even include Congressional staffers who left government—since their files are also sent to OPM.