OPM: Notifying Those Impacted by the Recent Cyber Intrusion

 beth-cobert
OPM: by 

Yesterday, we began mailing notification letters to the individuals whose personal information was stolen in a malicious cyber intrusion carried out against the Federal Government. Impacted individuals will be notified by OPM via U.S. Postal Service mail. Email will not be used. OPM Logo

The letters being mailed to those affected by this incident will describe the comprehensive suite of identity theft protection and credit monitoring services that will be provided for at least three years, at no cost, to impacted individuals and to their dependent minor children. An impacted individual is someone whose personal information, including Social Security Number, was stolen.

As we have noted before, those impacted by this breach are already automatically covered by identity theft insurance and identity restoration services. However, the Federal Government is providing additional services that impacted individuals are encouraged to enroll in, free of charge.

The notices will contain a personalized identification number (PIN) number which is necessary to enroll in the covered services. Please note that neither OPM, nor anyone acting on OPM’s behalf, will contact you to confirm any personal information. If you are contacted by anyone asking for your personal information in relation to compromised data or credit monitoring services, do not provide it.

As you know, a very large number of people were impacted by this breach, and the nature of the information involved has national security implications as well. OPM and the Department of Defense have continued to analyze the impacted data to verify its quality and completeness, and in this process, we determined that approximately 5.6 million of the impacted individuals had their fingerprints stolen. If an individual’s fingerprints were taken, this will be noted in their letter.

While Federal experts believe that, as of now, the ability to misuse fingerprint data is limited, an interagency working group with expertise in this area will review the potential ways adversaries could misuse fingerprint data now, and in the future. This group will also seek to develop potential ways to prevent such misuse. If in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.

All of these factors make it important that we take the time necessary to make sure the notification process is carried out carefully. We’re committed to getting this right. What this means is that, while the notifications are beginning this week, it could take considerable time to deliver them all.

I understand that many of you are frustrated and concerned, and would like to receive this information soon. My personal data was also stolen in this breach, and I am eager to get my notification letter as soon as possible so that I can sign up for these services. However, given the sensitive nature of the database that was breached – and the sheer volume of people affected – we are all going to have to be patient throughout this notification process.

In the meantime, please check OPM’s online cybersecurity resource center at www.opm.gov/cybersecurity for updates and additional information. This website has valuable suggestions about how to reduce the risk of becoming a victim of cybercrime, has answers to many frequently asked questions, and allows you to sign up for automatic updates. We are continually refreshing the site and will continue to do so as this process unfolds.

OPM and our partners across government are working hard to protect the safety and security of the information of Federal employees, contractors and others who entrust their information to us.

Together with our interagency partners, OPM is committed to delivering high quality identity protection services to the Federal community. We will continue to update you as this process continues. Thank you for your patience, your service to the American people, and your continuing support.

7 Responses to "OPM: Notifying Those Impacted by the Recent Cyber Intrusion"

  1. Another unqualified Obama appointment/disappointment I mean . I retired and Obama ruined my healthcare , now he will wreck my social security number . Who do they have working in those credit monitoring services ? DO they pass a background check ? Or will they also just accidentally leave their PC on for someone else to hack into . Dumb down the tests, dumb down everything so unqualified people can hold important jobs .

  2. Angelo, have you tried the phone number listed in the letter? ID Experts: 1-800-750-3004 It was mentioned in my letter to call with ?’s or to enroll. (My letter had 5 pin numbers!) The company I choose for ID protection will NOT be at the recommendation of one who has been negligent with my personal information and who should have a more sophisticated security program than MY home computer. I almost feel that OPM may get some sort of kickback for all that sign up for the service that they are advising because the letter seems generic and was sent to my maiden name. I would like to think that my district office or local union would inform me.

  3. To Whom It May Concern,

    I received a letter from the Acting Director of Office of Personnel Management Beth F. Cobert stating I was one of the individual whose information was included in the inclusion. I enrolled with the ID Experts using PIN Code. In the enrollment process, I was asked for my SSN and Date of Birth. I set up my User ID and Password. Today, when I tried to log in, I can’t log in. Can anyone tell me if this letter is legitimate or not? Or am I a victim of identity theft. Please help and let me know. Thank you very much.

    Very Respectfully,
    Angelo Manaois

    Angelo – only OPM can answer your question…we cannot. Good Luck, PEN

  4. First, several months ago Scottrade notified me that my personal information had been acquired through a cybersecurity breach. Then I started receiving a lot of strange calls to my mobile phone. Now in December 2015, I receive a letter from OPM notifying me that all of the personal information in my federal employee file has been accessed by hackers. I have never been a federal employee, so what is going on???!!!

  5. My notification was addressed to my maiden name, and I have been married for 20 years. Anthem’s security breach happened in FEBRUARY 2015 and the USPS/FEDERAL GOVERNMENT happened before that. (Let’s say about one year ago). I am very disappointed in the delayed response to this and even more dismayed that this agency is trying to tell me how to protect my identity when it was stolen from them in the first place.
    Which is compromised, my married name or my maiden name? Or, are some of my files missing? Wow, what a flawed system!

    Kim – I totally 100 percent agree with you. I never even received a letter the last time OPM was attacked. And the worst thing, to me, is the government wants to put all of your records, personal business information, tax information, and medical records online…they not only want to do this…they ARE doing this. Yes, FLAWED! Rick Owens – PEN

  6. My notification came in with my name on it with no initial for my Middle name! And this is from an establishment which supposedly has my complete profile on file.
    Well having a breach may be just the tip of a deeper problem.

  7. I received a letter addressed to Michael Cooper. How do I know if this is for me or for my son, who also is named Michael? No middle initial or Jr. was listed.

Leave a Reply

Your email address will not be published.