Victims of June OPM Hack Still Haven’t Been Notified

OPM

Millions of government workers whose information was implicated in this year’s expansive Office of Personnel Management hack still haven’t been notified, the agency revealed this week.

Millions of government workers whose information was implicated in this year’s expansive Office of Personnel Management hack still haven’t been notified, the agency revealed this week.

The agency announced Tuesday that it would contact 21.5 million federal employees and contractors “later this month” to inform them their information may have been accessed by hackers and that the notifications would continue over the “next several weeks.”

The news comes five months after the government agency claimed it would be sending notifications to individuals, back in June, when the incident surfaced.

The agency also confirmed Tuesday that its hired a contractor, Theft Guard Solutions, a/k/a ID Experts, to further look into the compromise. OPM claims its contract with the Oregon-based firm, valued just north of $133 million, will provide victims with credit monitoring, insurance, and other services for three years.

Michael McCord, the Comptroller for the Department of Defense, first requested $132 million via a “Reprogramming Action” (.PDF) at the end of July “to provide a suite of identity monitoring and recovery services” for those affected by the hack.

Those affected by the hack will apparently receive a letter through the U.S. Postal Service which will include a PIN that can be used to enroll in the new credit monitoring and identity monitoring services through the government contract.

The OPM previously spent $20 million to provide theft protection services for 4.2 million people involved in a “separate but related cybersecurity incident,” identified in April.

Information leaked by the hacks purportedly include workers’ Social Security numbers, dates of birth, along with employee performance records, employment history, employment benefits, resumes, school transcripts, and any military service documentation, along with 1.1 million fingerprints and findings from interviews conducted by background investigators.

Earlier this week a Los Angeles Times report claimed that attackers in Russia and China, who many experts have maintained are behind the OPM hack, are cross referencing data from the breach, along with other recent data breaches, like Anthem and Ashley Madison, to squirrel out U.S. officials.

While many of the victims won’t learn for another few weeks that their information was accessed, OPM insists that as of Sept. 1, anyone ultimately impacted by the hack will be covered by the new services.

“As of September 1, 2015, all individuals impacted by the background investigation incident will be covered by identity theft and restoration services,” reads one part of a F.A.Q. on OPM’s site.

Suggested articles

Discussion

  • You want my name? Ask China for it. on

    As someone who has had both a Public Trust and a TS/SCI clearance within the past 10 years, I can say that I have yet to be contacted by someone from the OPM...Still waiting....
  • Naugahyde on

    I know that I still haven't been notified. I attempted to contact OPM, but my messages have gone unanswered. I was not able to reach a human by phone.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.