Cybersecurity Incidents You Need to Know About

What Happened

cybersecurityOPM discovered two separate but related cybersecurity incidents that have impacted the data of Federal government employees, contractors, and others:

  • In June 2015, OPM discovered that the background investigation records of current, former, and prospective Federal employees and contractors had been stolen. OPM and the interagency incident response team have concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases. This includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, primarily spouses or co-habitants of applicants. Some records also include findings from interviews conducted by background investigators and approximately 5.6 million include fingerprints. Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen. Notifications for this incident started on September 30, 2015. We estimate notifications will continue for approximately 12 weeks.
  • While background investigation records do contain some information regarding mental health and financial history provided by applicants and people contacted during the background investigation, there is no evidence that health, financial, payroll and retirement records of Federal personnel or those who have applied for a Federal job were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).
  • Earlier in 2015, OPM discovered that the personnel data of 4.2 million current and former Federal government employees had been stolen. This means information such as full name, birth date, home address and Social Security Numbers were affected. You should have already received a notification if you were impacted by this incident.

OPM and an interagency team from the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have been investigating these incidents, and are working to put in place changes that will prevent similar thefts in the future. Based on the analysis and forensics to date, the interagency incident response team assesses that the adversary is no longer active on OPM’s network.

How You May Be Affected

If you underwent a Federal background investigation in 2000 or afterwards (which occurs through the submission of forms SF-86, SF-85, or SF-85P for either a new investigation or a reinvestigation), it is highly likely that you are impacted by the incident involving background investigations. If you underwent a background investigation prior to 2000, you still may be impacted, but it is less likely.

  1. Learn more about who was impacted and the protections we are working to put into place.
  2. Current and former Federal government employees
  3. Active duty servicemembers and veterans
  4. Current and former Federal contractors
  5. Job candidates for federal employment who were required to complete a background investigation
  6. Spouses and co-habitants of current and former Federal employees, contractors, and job candidates whose information was stolen
  7. Immediate family, close contacts, and references of current and former Federal employees, contractors, and job candidates whose information was stolen

What You Can Do

cybersecurity newsAt this time, there is no information to suggest misuse of the information that was stolen from OPM’s systems. We are continuing to investigate and monitor the situation. We have started notifying individuals impacted by the background investigation incident. Those impacted will automatically be eligible for some services and will need to take action to enroll in others. In the meantime, here are steps you can take to protect your identity:

  • Spot the warning signs of identity theft
  • Be aware of phishing scams
  • Update your passwords
  • Get up to speed on computer security
  • If you think your identity has been stolen
  • Learn how to keep your information safe from exploitation
  • Tips for practicing safe online behavior every day

What We’re Doing to Help

  • Supporting people who have been affected
  • Continuing to strengthen cyber defenses at OPM and across the Federal Government

Kacper Krawczyk

Kacper Krawczyk rozpoczął swoją karierę jako sprzedawca żetonów w polskim kasynie, a następnie został doświadczonym krupierem ruletki. Doskonalił swoje umiejętności, nauczył się angielskiego i uzyskał dyplom z Ekonomii, ostatecznie zarządzając ruletką na różnych statkach wycieczkowych w całej Europie, gdzie dużo podróżował. Kacper pracował również w banku i rozumie transakcje, więc często przygląda się procesom wpłat i wypłat. Zainspirowany swoim globalnym doświadczeniem, Kacper dzieli się swoimi wskazówkami dotyczącymi gier, recenzjami i publikuje uczciwe, bezstronne opinie, oferując czytelnikom cenny wgląd w świat hazardu kasynowego.

Ostatnio zaktualizowany:
newsletter
Subskrybuj nasz Newsletter