A group of lawmakers are proposing victims of last month’s expansive Office of Personnel Management hack receive lifetime fraud protection and credit monitoring.
Democratic lawmakers on Monday presented the Reducing the Effects of the Cyberattack on OPM Victims Emergency Response, or RECOVER Act. If approved, the act would give the 22.5 million victims of the breach ID theft monitoring for life and insure them for losses up to $5 million.
In the wake of data breaches, hacked companies usually offer victims a year of complimentary credit monitoring services. While the practice is often viewed as a shoddy consolation prize and a hollow attempt for businesses to gain back their customers; trust, it appears the RECOVER Act is looking to up the ante when it comes to data breach compensation.
Introduced by Del. Eleanor Holmes Norton (D-D.C.) and eight other Democrats from Maryland and Virginia, the bill could ultimately cost hundreds of millions of dollars, if not more. It accompanies a companion bill introduced by Senator Ben Cardin (D-MD) and Barbara Mikulski (D-MD) last week.
— Eleanor H. Norton (@EleanorNorton) July 9, 2015
If passed, the bill would improve upon the Office of Personnel Management’s current plans, which is offering those implicated in the breach between 18 months and three years of similar services and only $1 million in loss coverage.
“The OPM data, which was not encrypted, was there for the taking despite the Inspector General’s warnings,” Norton said via a press release on Monday.
“OPM’s offer of limited credit monitoring and identity theft protection coverage fails to recognize that the hackers could out-wait the OPM’s proposed period of credit monitoring and very limited loss coverage. Much of the OPM data is lifetime and permanent background information that cannot be changed like a credit card number,” Norton said.
If it comes to fruition, the bill would satisfy part of a lawsuit filed by the National Treasury Employees Union, which called last week for all of its members to receive lifetime credit monitoring. The NTEU was the second union to file a lawsuit against OPM and its now-former director Katherine Archuleta, who resigned on Friday. The American Federation of Government Employees, the largest federal workers union, announced it was suing the OPM in late June.
Both unions have expressed their support for both iterations of RECOVER – both Norton’s bill, and Cardin’s – over the last several days.