Every time we think the largest breach of cyber security has occurred, a separate breach comes along to “one-up” it. That’s seeming to be especially true with the recently disclosed hack of the federal Office of Personnel Management, the government’s human resources division. Initially, the government stated the hack exposed the personal information of approximately four million people – information such as Social Security numbers, birthdates and addresses of current and former federal workers. This, of course, has been proven wrong.

It turns out that the hackers, believed to be Chinese, also accessed information from SF-86 forms. These forms are used for conducting background checks for worker security clearances. The forms can contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They can also include potentially sensitive information about the applicant’s interactions with foreign nationals—information that could be used against those nationals in their own country.

The Theodore Roosevelt Building, headquarters of the U.S. Office of Personnel Management (OPM), stands in Washington, D.C., U.S., on Friday, June 5, 2015. The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health-care companies. The hackers, thought to have links to the Chinese government, got into the OPM computer system late last year, according to one U.S. official. Photographer: Andrew Harrer/Bloomberg via Getty Images

The Theodore Roosevelt Building, headquarters of the U.S. Office of Personnel Management (OPM).

Cyber security is proving to be a real challenge for not only corporations, but governments as well. We need to be able to successfully safeguard our information from hackers online (if not, there’s always pen-and-paper again!) The fact that the OPM did not have their own IT security staff until 2013 is also puzzling and alarming. It is time to safeguard your information online and understand that the threat to breach this information is very real.

The time to act is now.