A cyberattack on the U.S. Office of Personnel Management (OPM) that saw 22.1 million personal records stolen also involved the loss of 1.1 million fingerprints, the OPM has noted in a statement.

The data was taken from people who have undergone background checks for security clearances.

The total number included some 19.7 million who applied for the clearances for federal roles, plus 1.8 million non-applicants, mostly spouses or co-habitants of applicants, the agency said.

The 1.1 million fingerprints stolen represents 0.3% of the US population, while the total of 22.1 million represents almost 7%.

According to a procedural document from 2013: “Fingerprints are submitted to OPM’s Fingerprint Transaction System (FTS) electronically via an FBI approved live-Scan System or Fingerprint Card Scan System that utilizes OPM-approved software. Currently, OPMonly accepts Type-4 fingerprint images for electronic submission.”

However, OPM also receives hardcopy fingerprints and scans the fingerprints to an Electronic Fingerprint Transmission Specification (EFTS) file to forward to the Federal Bureau of Investigation.