Uncle Sam’s Office of Personnel Management has suffered a major data breach. The personnel records of as many as 4 million current and former federal employees may have been compromised.
According to a press release from the OPM the agency identified a cyber security incident involving personally identifiable information (PII) of federal employees. OPM says it is working with the Department of Homeland Security’s Computer Emergency Readiness Team or CERT and the Federal Bureau of Investigation (FBI) to determine the full impact to Federal personnel. The OPM manages security clearances and employee records for every federal agency.
The federal government is the nation’s largest employer with over 4.3 million people on the payroll. According to the OPM in 2012 the federal government employed a total of 332,850 African-Americans.
This is the second data breach for the OPM. The agency admitted to a previous breach in March of 2014. The OPM claims it has implemented improved security since that breach and this new breach came before those new standards put in place. The previous breach has been blamed on Chinese hackers and according to the Washington Post, this attack is also believed to have originated in China.
In response China said today that allegations that it is involved in breaking into U.S. government computers are irresponsible.
During a regular news briefing Chinese Foreign Ministry spokesman Hong Lei said that Beijing hopes the U.S. would be “less suspicious and stop making any unverified allegations, but show more trust and participate more in cooperation.”
Because this is OPM’s second breach within a year many experts and elected officials have legitimate questions about security practices within the agency. U.S. Sen. Mark R. Warner (D-VA) said, “Today’s reported breach is part of a troubling pattern by this agency in failing to secure the personal data of federal employees, the second major breach in a year. Cyberattacks present a critical threat to our national security and our economy. We cannot afford to keep dragging our feet in addressing the escalating threats posed by hackers out to steal individuals’ personal information.”
This intrusion was discovered by an internal network monitoring systems. It is still unclear whether the attackers exploited any residual effects from the earlier attack. There is the potential that hackers have installed a back door in OPM’s computer systems allowing them to enter at will and take what they wish. A major concern because of this data breach is that America’s intelligence operatives may be exposed. A topic few in the government are speaking about.
OPM’s chief information officer told The Washington Post.“OPM has undertaken an aggressive effort to update our cyber security posture, adding numerous tools and capabilities to our networks. As a result of adding these tools, we were able to detect this intrusion into our networks.”
Because of the incident, OPM is sending notifications to approximately 4 million past and current federal employees whose PII may have been compromised. OPM stated that the investigation is on-going and additional PII data loss could be discovered. OPM will conduct additional notifications as necessary. OPM is offering a package of identity protection services including credit report access, credit monitoring and identify theft insurance and recovery services to potentially affected individuals through CSID, a company that specializes in these services.
