Jason Atchley : Data Security : More Than 21 Million Impacted by OPM Data Breach

Jason Atchley : Data Security : More Than 21 Million Impacted by OPM Data Breach

jason atchley

More Than 21 Million Impacted by OPM Data Breach

As many as 21 million federal workers, applicants and their family members were affected by two separate data breaches that hit the Office of Personnel Management last year.

Erin E. Harrison, Legaltech News

July 9, 2015    | 0 Comments
The Obama administration said today that hackers stole Social Security Numbers from more than 21 million people and took other sensitive information when government computer systems were compromised.
On July 9, OPM announced that more than 19 million who had applied for background investigations were affected. Government officials also said nearly 2 million people were also affected who weren’t applicants, but rather spouses or other family members.
The inter-agency forensic investigation, which commenced last month, identified two separate but related cybersecurity incidents on its systems. The first incident, announced in June by the OPM—the agency that oversees staffing and security clearance for federal agencies—revealed that hackers gained access to OPM databases in December 2014 and may have compromised the personal identifiable information of as many as 4 million individuals.
“OPM discovered an incident affecting background investigation records of current, former, and prospective federal employees and contractors,” according the July 9 OPM announcement. “Following the conclusion of the forensics investigation, OPM has determined that the types of information in these records include identification details such as Social Security Numbers (SSNs); residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details.”
The team concluded “with high confidence” that sensitive information, including the SSNs of 21.5 million individuals, was stolen from the background investigation databases. That figure includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, predominantly spouses or co-habitants of applicants.
According to OPM, some records also include findings from interviews conducted by background investigators, and approximately 1.1 million include fingerprints. Those impacted include those who underwent a background investigation through OPM in 2000 or afterwards.
“It is highly likely that the individual is impacted by this cyberbreach. If an individual underwent a background investigation prior to 2000, that individual still may be impacted, but it is less likely,” OPM officials said.
This data breach began in May 2014, according to OPM Director Katherine Archuleta’s recent testimony before Congress. It was not discovered until May 2015. Government officials said there is no information that points to any misuse of the stolen data.
“There is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems,” according to the OPM announcement.
For the 21.5 million background investigation applicants, spouses or co-habitants with SSNs and other sensitive information that was stolen from OPM databases, OPM and the Department of Defense (DOD) will work with a private-sector firm specializing in credit and identity theft monitoring to provide credit-monitoring services. In addition, OPM launched a new, online incident resource center today.
Earlier this week, Homeland Security Secretary Jeh Charles Johnson said in a speech that he believed all civilian federal agencies will be using EINSTEIN 3A (E3A)—a cybersecurity platform—by the end of this year.
“To be frank, our federal cybersecurity is not where it needs to be,” Johnson said in the speech. “But we have taken, and are taking, accelerated and aggressive action to get there.”

Read more: http://www.legaltechnews.com/id=1202731773905/More-Than-21-Million-Impacted-by-OPM-Data-Breach#ixzz3fVWR92Xl


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: