No One Trusts OPM Not to Get Hacked Again:
After a catastrophic hack that left the data of millions of government employees exposed, it seems that the Office of Personnel Management (OPM) cannot restore trust. Officials announced Friday that the Pentagon will oversee the security of employee data, and a new department will be formed within OPM to oversee background checks.
The new department is titled the National Background Investigations Bureau, the Washington Post reports, and will take over background investigations and security clearances from OPM’s Federal Investigative Services.
Source: Vice Magazine
The government officially launched a Web site Tuesday to help people check if their personal information was compromised in a massive breach of background-check files — six months after the breach was disclosed. The site is the latest sign that the government is still trying to get in touch with the more than 21 million people whose data was compromised in the cyberattack against the Office of Personnel Management database.
The pace of the government’s response has drawn complaints from some consumer advocates. “It’s incredible how long this is taking OPM,” said Ed Mierzwinski, the federal consumer program director at U.S. PIRG, the federation of state public interest research groups.
Source: Washington Post
OPM Now Admits 5.6m Feds’ Fingerprints Were Stolen By Hackers:
When hackers steal your password, you change it. When hackers steal your fingerprints, they’ve got an unchangeable credential that lets them spoof your identity for life. When they steal 5.6 million of those irrevocable biometric identifiers from U.S. federal employees—many with secret clearances—well, that’s very bad.
Source: Wired
AFTER WEEKS OF speculation about the fate of Katherine Archuleta, beleaguered director of the Office of Personnel Management, she tendered her resignation today.
She has been under fire since the OPM disclosed in June that it had been hacked and had failed to notice for a year, as data on about four million current and former federal workers was siphoned from the agency’s networks.
But the clamor for her dismissal grew deafening after it was revealed last month that the breach didn’t just involve the personnel records of current and former workers but also a database for storing sensitive information about background investigations conducted on people seeking a security clearance. That breach affected some 21.5 million people—not only federal workers but friends, family members and others who were interviewed over the last twenty years for security clearance applications.
Source: Wired
Why The OPM Breach Is Such a Security and Privacy Debacle:
If it’s not already a maxim, it should be: Every big hack discovered will eventually prove to be more serious than first believed. That’s holding to be especially true with the recently disclosed hack of the federal Office of Personnel Management, the government’s human resources division.
At first, the government said the breach exposed the personal information of approximately four million people—information such as Social Security numbers, birthdates and addresses of current and former federal workers. Wrong.
It turns out the hackers, who are believed to be from China, also accessed so-called SF-86 forms, documents used for conducting background checks for worker security clearances. The forms can contain a wealth of sensitive data not only about workers seeking security clearance, but also about their friends, spouses and other family members. They can also include potentially sensitive information about the applicant’s interactions with foreign nationals—information that could be used against those nationals in their own country.