OPM Cyber Security Incidents
Posted by on 20 July 2015 03:11 PM
The following consolidates information provided in ALAUX 011/15 (June 5, 2015), ALAUX 013/15 (June 13, 2015) and ALAUX 015/15 (June 23, 2015) about the recent Office of Personnel Management (OPM) cybersecurity incidents:
1. What is the nature of the incidents?
On June 4, OPM announced an intrusion impacting personnel information of current and former Federal employees. On June 12, OPM announced a separate cyber intrusion affecting systems that contain information related to background investigations of current, former, and prospective Federal Government employees from across all branches of government, as well as other individuals for whom a Federal background investigation was conducted, including contractors.
2. Who is affected?
The incidents remain under investigation by OPM, DHS, and the FBI. The investigators are working to determine the exact number and list of potentially affected individuals. OPM understands that many of you are concerned about this intrusion. As this is an ongoing investigation, please know that OPM is working to notify potentially affected individuals as soon as possible.
3. How will I be notified?
Notifications to individuals affected by this incident began on June 8 on a rolling basis through June 19. However, it may take several days beyond June 19 for a notification to arrive by email or mail. If you have any questions about whether you were among those affected by the incident announced on June 4, you may call toll-free 844-777-2743 (international callers: call collect 512-327-0705).
OPM is offering affected individuals credit monitoring services and identity theft insurance with CSID, a company that specializes in identity theft protection and fraud resolution. Additional information is available on the company's website, https://www.csid.com/opm/ and by calling toll-free 844-777-2743 (international callers: call collect 512-327-0705). More information can also be found on OPM's website: www.opm.gov.
5. Where can I find out more information?
OPM is the definitive source for information on the recent cyber incidents. Please visit OPM's website for regular updates on both incidents and for answers to frequently asked questions:
BC-UMK - believed to be accurate as of 20 July 2015