BLOG purpose

This BLOG is for LLNL present and past employees, friends of LLNL and anyone impacted by the privatization of the Lab to express their opinions and expose the waste, wrongdoing and any kind of injustice against employees and taxpayers by LLNS/DOE/NNSA. The opinions stated are personal opinions. Therefore, The BLOG author may or may not agree with them before making the decision to post them. Opinions not conforming to BLOG rules are deleted. Blog author serves as a moderator. For new topics or suggestions, email jlscoob5@gmail.com

Thursday, July 16, 2015

Second Data Breach



.........................................................................................
OPM Announces More Than 21 Million Affected by Second Data Breach

The National Journal, July 9th 2015

July 9, 2015 More than 21 million Social Security numbers were compromised in a breach that affected a database of sensitive information on federal employees held by the Office of Personnel Management, the agency announced Thursday.

That number is in addition to the 4.2 million Social Security numbers that were compromised in another data breach at OPM that was made public in June. Officials have privately linked both intrusions to China.

Of the 21.5 million records that were stolen, 19.7 million belonged to individuals who had undergone background investigations, OPM said. The remaining 1.8 million records belonged to other individuals, mostly applicants' families.

The records that were compromised include detailed, sensitive background information, such as employment history, relatives, addresses, and any past drug abuse or emotional disorders. OPM said 1.1 million of the compromised files also included fingerprints.

Some of the files in the compromised database also include "residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details," OPM said.

Also included in the database is information from background investigations, and usernames and passwords that applicants used to fill out investigation forms. And although separate systems that store health, financial, and payroll information do not appear to have been compromised, the agency says some mental health and financial information is included in the security clearance files that were affected by the hack.

Besides the 21.5 million individuals who had their Social Security information stolen, OPM says others' identifying information—like their names, addresses, and dates of birth—were also compromised.

OPM will provide credit monitoring and identity theft protection services to the 21.5 million individuals whose Social Security numbers were stolen, but those individuals will be responsible for disseminating information to other people they may have listed on their background check forms. Those people, whom the government will not contact directly, will not have access to government-bought identity protection services.

The hack that resulted in the loss of these records began in May 2014, according to OPM Director Katherine Archuleta's testimony before Congress. It was not discovered until May 2015.

A security update applied by OPM and the Department of Homeland Security in January 2015 ended the bulk of the data extraction, according to congressional testimony from Andy Ozment, assistant secretary for cybersecurity and communications at DHS, even though the breach would not be discovered for months.

OPM said Thursday that individuals who underwent background investigations in or after the year 2000 are "highly likely" to have had their information compromised in the breach. (This includes both new applicants and employees that were subject to a "periodic reinvestigation" during that time.) But those who were investigated before 2000 may also have been affected...


www.nationaljournal.com/tech/hack-opm-office-personnel-management-cyber-million-20150709

3 comments:

Anonymous said...

I am surrounded by incompetents, ner-do-wells and scondrels.
And those are the good ones...Lord protect us from the Village

Also, your robot detector algoritm by reCaptcha, and an android phone is awful.

Anonymous said...

Anyone received a packet in the mail yet from the federal government officially informing you of your leaked info (detailing exactly what was leaked) and what they are planning to do about it?

The news media has put out stories but it seems that nothing has been done to officially try and contact those at risk. Even the retailer Target seemed to do a better job contacting customers last year after their massive data breach.

Anonymous said...

I have knowledge that some Federal Agencies have notified employees in large meetings, and directed them to a federal web site. No idea what retirees are to do, or contractors like the Labs

Blog Archive