Posted on Dec 12, 2015
MSgt Curtis Ellis
5.49K
10
8
3
3
0
"The agency has warned that any email that asks for personal information, or any version of the letter that does not direct individuals to OPM's cyber security website, should be considered fraudulent, and reported to local law enforcement and the Federal Trade Commission at https://www.ftccomplaintassistant.gov."


by MARCIA BREEN
Nearly all of the current and former federal employees who had their Social Security Numbers and other personal information stolen in a data breach at the U.S. Office of Personnel Management have been notified by the government.

As of Friday afternoon, six months after disclosing the breach, OPM announced that along with the U.S. Department of Defense, it has finished mailing notification letters to 93 percent of the 21.5 million Americans who had their personal information stolen.

The OPM revealed in early June that it suffered two apparently separate breaches of its computer system. There was some overlap in the two incidents, with one affecting records on 4.2 million people and the other totaling background check data on 21.5 million.

The larger breach involved much more sensitive personal information OPM had gathered for security clearances investigations of current, former and prospective federal employees and contractors.

That included 19.7 million contractors and employees who applied for security clearances, and 1.8 million "non applicants" whose personal data was included in security clearance applications, such as spouses.

OPM has said that anyone who underwent a security clearance background investigation in 2000 or afterwards was likely affected by the breach.

Mailing addresses could not be found for many of the affected individuals. And OPM expects it will have to resend some letters because hundreds of thousands have been returned.

People who receive a letter should confirm that the letter matches those displayed on the OPM website. The letter should direct them to OPM's cybersecurity page.

The agency has warned that any email that asks for personal information, or any version of the letter that does not direct individuals to OPM's cyber security website, should be considered fraudulent, and reported to local law enforcement and the Federal Trade Commission at https://www.ftccomplaintassistant.gov.

"OPM and our partners across government remain committed to protecting the safety and security of the information provided to us," OPM spokesperson Sam Schumach said in a statement. "Together with our interagency partners, OPM is dedicated to delivering high-quality identity protection services to impacted individuals. The interagency team continues to review the impacted data to monitor for any misuse, and the U.S. Government will also continue to evaluate the coverage being provided and whether any adjustments are appropriate in association with this incident."

http://www.nbcnews.com/tech/tech-news/opm-finishes-mailing-notification-letters-data-breach-victims-n478721
Edited 9 y ago
Avatar feed
Responses: 5
MAJ Jim Steven
1
1
0
are we supposed to do anything specific??
(1)
Comment
(0)
MSgt Curtis Ellis
MSgt Curtis Ellis
9 y
MAJ Jim Steven Unfortunately, this is one that, as far as I know, you can't be proactive in the notification process. So no action until you are notified by letter from them (OPM or equivalent) which will give you specific instructions as to what you will need to do, to include taking advantage of the free monitoring they are offering. But everything is dependent and driven based on you receiving that letter.
(0)
Reply
(0)
Avatar small
SCPO Investigator
1
1
0
Edited 9 y ago
I received two, both me, one for civilian and one for military records.
(1)
Comment
(0)
Avatar small
PO1 Brian Austin
1
1
0
Yes and no, nothing received as of yet.
(1)
Comment
(0)
MSgt Curtis Ellis
MSgt Curtis Ellis
9 y
PO1 Brian Austin Its a gov agency... LOL!
(1)
Reply
(0)
Avatar small

Join nearly 2 million former and current members of the US military, just like you.

close