Federal Staff ‘Still Not Notified’ Months After OPM Hack

The tardy response of the US government to the Office of Personnel Management (OPM) hack earlier this year continues, with US officials acknowledging they had still not notified affected staff.

The attack, which was detected back in April, hit the OPM, which handles staff records and security clearances, with up to 21.5 million federal employees and contractors thought to have been affected.

Slow Notifications

However despite the large number of affected staff, the US government has still not notified people that their personal data may have been compromised, according to Reuters.

Apparently, the US Defense Department will only begin “later this month” to notify staff and contractors that their personal information has been accessed by hackers.

The OPM reportedly said notifications would continue over several weeks and “will be sent directly to impacted individuals.”

The agency has also hired an contractor called Identity Theft Guard Solutions LLC to help protect the identities and credit ratings of staff whose data was hacked. That contractor is an ID expert and will apparently provide credit and identity monitoring services for three years, as well as identity theft insurance, to affected individuals and dependent children.

US law enforcement has blamed a “foreign entity or government” for the hack, and authorities are looking into a possible Chinese link.

The OPM handles handles security clearances and staff records for federal staff, and the compromised data could include embarrassing personal details, such as arrest records or information about drug use for example.

Chinese Hackers?

The breach is thought to be the largest ever compromise of US government data. But this was not the first time that the OPM has been hacked.

Last year it was revealed that the OPM had been hacked in March 2014. The hackers back then targeted the files on tens of thousands of staff who had applied for top-secret security clearances. The hackers back then gained access to some of the agency’s databases, before the federal authorities detected the threat and blocked it. That attack was also traced to China.

A top US intelligence official has also named China as the top suspect in the hack.China has consistenly denied it was involved. But investigators point out that forensic evidence linked the OPM attack to other incidents thought to have been sponsored by China.

In June this year, the OPM said that it had taken its e-QIP system (a web-based platform for completing and submitting background investigation forms) offline while security repairs were implemented.

What do you know about Internet security? Find out with our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

3 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

3 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

3 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

3 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

3 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

3 days ago