OPM Hackers Stole Data on Every Federal Employee

The breach compromised the personal information of millions of government workers.

National Journal
Dustin Volz
Add to Briefcase
See more stories about...
Dustin Volz
June 11, 2015, 12:54 p.m.

The hack­ers who in­filt­rated the Of­fice of Per­son­nel Man­age­ment last year swiped the per­son­al in­form­a­tion of every fed­er­al em­ploy­ee work­ing in gov­ern­ment, a num­ber po­ten­tially far great­er than the 4 mil­lion pre­vi­ously re­por­ted, ac­cord­ing to a labor uni­on of gov­ern­ment work­ers.

In a let­ter sent to OPM dir­ect­or Kath­er­ine Archu­leta and ob­tained by Na­tion­al Journ­al, Amer­ic­an Fed­er­a­tion of Gov­ern­ment Em­ploy­ees Pres­id­ent J. Dav­id Cox wrote that the hack­ers stole So­cial Se­cur­ity num­bers, birth­days, ad­dresses, mil­it­ary re­cords, job and pay his­tor­ies, and vari­ous in­sur­ance in­form­a­tion, in ad­di­tion to age, gender, and race data.

“Based on the sketchy data OPM has provided, we be­lieve that the Cent­ral Per­son­nel Data File was the tar­geted data­base, and that the hack­ers are now in pos­ses­sion of all per­son­nel data for every fed­er­al em­ploy­ee, every fed­er­al re­tir­ee, and up to one mil­lion former fed­er­al em­ploy­ees,” Cox wrote in a let­ter dated Thursday.

(RE­LATED: Point­ing Fin­gers at Mc­Con­nell, Sen­at­ors Stall Cy­ber­se­cur­ity Bill)

“Worst, we be­lieve that So­cial Se­cur­ity num­bers were not en­cryp­ted, a cy­ber­se­cur­ity fail­ure that is ab­so­lutely in­defens­ible and out­rageous,” he ad­ded.

Cox said that the 18 months of cred­it mon­it­or­ing and $1 mil­lion in li­ab­il­ity in­sur­ance that OPM has offered af­fected em­ploy­ees is “en­tirely in­ad­equate, either as com­pens­a­tion or pro­tec­tion from harm.”

Last week, fed­er­al of­fi­cials an­nounced that data for as many as 4 mil­lion former and cur­rent fed­er­al em­ploy­ees had been ex­posed. The breach oc­curred in Decem­ber and was de­tec­ted in April, of­fi­cials said, and many have at­trib­uted the in­tru­sion to China. That hack was already con­sidered one of the largest and most dev­ast­at­ing on re­cord. After the breach was an­nounced, OPM signed a $20 mil­lion con­tract with a private cy­ber­se­cur­ity com­pany to provide iden­tity-fraud pro­tec­tion ser­vices for af­fected em­ploy­ees.

(RE­LATED: Syr­i­an Elec­tron­ic Army Claims Hack of Army Web­site)

Of­fi­cials did not im­me­di­ately re­spond to a re­quest for com­ment.

Earli­er on Thursday, the Sen­ate re­jec­ted a push by Ma­jor­ity Lead­er Mitch Mc­Con­nell to al­low a cy­ber­se­cur­ity meas­ure to be ad­ded as an amend­ment in an on­go­ing de­bate over the Na­tion­al De­fense Au­thor­iz­a­tion Act. Mc­Con­nell had tried to use news of the OPM hack to jam the bi­par­tis­an meas­ure through, but Demo­crats — in­clud­ing some of the bill’s sup­port­ers — ar­gued that such im­port­ant le­gis­la­tion was de­serving of fuller de­bate.

{{third­PartyEmbed type:scribd id:268412148}}

This story has been up­dated.

Brendan Sasso contributed to this article.
What We're Following See More »
NRA Chief: Leftist Protesters Are Paid
1 days ago
Trump Still on Campaign Rhetoric
1 days ago
Trump Rails On Obamacare
1 days ago

After spending a few minutes re-litigating the Democratic primary, Donald Trump turned his focus to Obamacare. “I inherited a mess, believe me. We also inherited a failed healthcare law that threatens our medical system with absolute and total catastrophe” he said. “I’ve been watching and nobody says it, but Obamacare doesn’t work.” He finished, "so we're going to repeal and replace Obamacare."

Trump Goes After The Media
1 days ago

Donald Trump lobbed his first attack at the “dishonest media” about a minute into his speech, saying that the media would not appropriately cover the standing ovation that he received. “We are fighting the fake news,” he said, before doubling down on his previous claim that the press is “the enemy of the people." However, he made a distinction, saying that he doesn't think all media is the enemy, just the "fake news."

Report: Trump Asked FBI to Deny Russia Stories
1 days ago

"The FBI rejected a recent White House request to publicly knock down media reports about communications between Donald Trump's associates and Russians known to US intelligence during the 2016 presidential campaign, multiple US officials briefed on the matter tell CNN. But a White House official said late Thursday that the request was only made after the FBI indicated to the White House it did not believe the reporting to be accurate."


Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.