Data Breach Affects Millions of Current and Former Government Workers
Friday, June 5, 2015
Data Breach Affects Millions of Current and Former Government Workers
Print Mail Download i

The U.S. Office of Personnel Management (OPM) announced that hackers have stolen the personal information of approximately 4 million current and former federal employees, including names, birthdates and social security numbers.  OPM serves as the human resources department -and holds employee records – for the entire federal government, ranging from security clearances to the identities of covert CIA agents.  Every federal agency is potentially affected by this breach.  Notifications to affected employees will begin going out on Monday, June 8th, via email or US mail.  OPM will provide credit monitoring, identity theft insurance and recovery services for 18 months to affected individuals.

OPM is working with the Department of Homeland Security’s Computer Emergency Readiness Team – CERT – and the FBI to assess the full extent of the breach.  Early reports suggest that the breach originated in China.

Compounding the pain for OPM and the affected individuals is the revelation in OPM’s website  notice that the agency recently implemented an “aggressive effort” to update its network security.  Unfortunately, this effort only revealed the hack, but was not implemented in time to prevent it.

OPM’s breach follows a highly publicized IRS data breach, in which hackers accessed the personal information of 100,000 taxpayers and used it to file false refund requests.  In 2014 alone, the US Postal Service, White House, National Weather Service and US Department of State were all victims of cyber-attacks, some of them suspected of originating in China.

As of now, federal data breach numbers pale in comparison to private sector breaches, but it will be interesting to see if these incidents create a credibility problem for federal regulators, who can’t seem to keep their own systems secure.  According to a former federal prosecutor:

At a minimum, the government’s own inability to keep it’s cyber security house in order will be used defensively by private companies breach victims as a glowing example of how easily hackers can get in to even the most fortified government controlled computer systems.

It will also be interesting to see if this breach results in private litigation on behalf of affected employees, particularly those whose safety and ability to do their jobs depends on the secrecy of their identities.  

©1994-2024 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

Current Legal Analysis

More from Mintz

DOJ’s Criminal Division Announces Pilot Program on Voluntary Self-Disclosure for Individuals
by: Eoin P. Beirne , Nick A. LaPalme
CMS Publishes Final Rules Implementing Part C and Part D Program Changes
by: Tara E. Dwyer , Bridgette A. Keller
USPTO Issues Guidance on AI Use to Patent Professionals — AI: The Washington Report
by: Terri Shieh-Newton, PhD , Bruce D. Sokler
Some Harm is All it Takes – the Supreme Court Lowers the Bar for Title VII Discrimination Claims Involving Lateral Job Transfers
by: Paul M. Huston , Delaney M. Busch
Canada’s Federal Budget 2024: More Changes to the Stock Option Rules = More Headaches for Employers
by: Katy Pitch
Preparing a VC-Backed Company for an Exit Event
by: Stephen M. Callegari , Stefan Jović
NYC “Know Your Rights” Poster and Bill of Rights Website Now Live
by: Corbin Carter , Talia R. Weseley
NY AG Launches Greenwashing Lawsuit Against Beef Producer
by: Jacob H. Hupart
EPA Has Now Listed Two PFAS as Hazardous Substances Under CERCLA. Hold Onto Your Hats.
by: Jeffrey R. Porter
DOJ Releases COVID-19 Fraud Enforcement Task Force Report Touting Its Successes and Urging Lawmakers to Enact New Legislation
by: Jane Haviland , Abdie Santiago

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins