A VERY interesting issue
Was mentioned that I've been thinking about for quite awhile with all the reported leaks - including some important ones like credit agencies or OPM.
They never mention if the hacker modified the database, which as this article points out, is not hard at all if you have access - you needn't be so crass as to just delete the whole thing for ransom.
What if you had some other agenda - some version of "deep fakery" in mind. Screw up someone's credit rating or security clearance in a way that would be near impossible for them to dispute. Or, perhaps better - GIVE yourself a good rating in credit or security and pass yourself off as someone worth of tons of money or access to secrets.
It's interesting to me how silent the authorities are on this one...I didn't know there were that many crickets on the planet. It has to be a concern, else every security person having anything whatever to do with those outfits should be fired or maybe even tried in court.