…from: http://www.engadget.com/2015/07/09/hackers-stole-21-5-million-social-securit...
Hackers stole 21.5 million Social Security Numbers in government breach [blogger-avatar]by Sean Buckleyhttp://www.engadget.com/about/editors/sean-buckley/ | @seaniccushttp://twitter.com/seaniccus | July 9th, 2015
Last month, the US Office of Personnel Management (OPM) learned it was the victim of a massive cyberattackhttp://Hackers%20stole%2021.5%20million%20Social%20Security%20Numbers%20from%20government%20background%20check%20database%20%20%20Last%20month,%20the%20US%20Office%20of%20Personnel%20Management%20(OPM)%20learned%20it%20was%20the%20victim%20of%20a%20massive%20cyberattack--a%20breach%20that%20compromised%20personnel%20data%20of%204.2%20million%20current%20and%20former%20Federal%20employees.%20That's%20really%20bad.%20While%20investigating%20the%20incident,%20the%20OPM%20found%20evidence%20of%20another%20attack:%20one%20that%20compromises%20the%20privacy%20of%2021.5%20million%20individuals%20from%20the%20organizations%20background%20check%20database.%20That's%20/a%20lot/%20worse.%20%20%20According%20to%20the%20New%20York%20Times,%20the%20two%20attacks%20are%20separate,%20but%20related--though%20this%20second%20attack%20is%20obviously%20much%20bigger.%20In%20fact,%20if%20you've%20had%20a%20background%20check%20run%20through%20the%20OPM%20any%20time%20in%20the%20last%2015%20years,%20you're%20probably%20personally%20effected:%20the%20agency%20says%20any%20background%20investigation%20that%20occurred%20after%202000%20is%20/highly%20likely/%20to%20be%20compromised.%20Potentially%20compromised%20data%20can%20include%20the%20Social%20Security%20Numbers,%20fingerprints%20(for%201.1%20million%20of%20the%20aforementioned%20total),%20data%20from%20interviews%20conducted%20by%20background%20investigators%20and%20%20usernames%20and%20passwords%20used%20by%20applicants%20who%20filled%20out%20background%20check%20paperwork.%20%20%20It's%20bad,%20and%20the%20OPM%20know%20is--but%20the%20agency%20is%20trying%20to%20mitigate%20the%20situation.%20The%20organization's%20cybersecurity%20page%20has%20been%20updated%20with%20a%20list%20of%20steps%20you%20can%20take%20to%20protect%20your%20identity,%20including%20warnings%20signs%20of%20identify%20theft,%20tips%20to%20update%20your%20passwords%20and%20avoid%20phishing%20scams,%20and%20what%20to%20do%20if%20you%20think%20you%20might%20be%20a%20victim.%20If%20you%20are%20affected%20by%20the%20hack,%20the%20OPM%20is%20willing%20to%20help--affected%20individuals%20will%20be%20automatically%20be%20enrolled%20in%2018%20months%20of%20identity%20theft%20insurance,%20a%20identity%20restoration%20program%20and%20credit%20monitoring%20programs.%20%20%20Think%20you%20might%20be%20affected?%20Check%20out%20the%20source%20link%20below.--a breach that compromised personnel data of 4.2 million current and former Federal employees. That's really bad. While investigating the incidenthttp://www.engadget.com/2015/06/19/investigators-connect-massive-federal-hack-to-china/, the OPM found evidence of another attack: one that compromises the privacy of 21.5 million individuals from the organization's background check databasehttp://www.engadget.com/2015/06/30/opm-web-background-check/. That's a lot worse.
According to the New York Timeshttp://www.nytimes.com/2015/07/10/us/office-of-personnel-management-hackers-got-data-of-millions.html?smid=tw-share&_r=0, the two attacks are separate, but related--though this second attack is obviously much bigger. In fact, if you've had a background check run through the OPM any time in the last 15 years, you're probably personally effected: the agency says any background investigation that occurred after 2000 is highly likely to be compromised. Potentially compromised data can include the Social Security Numbershttp://www.engadget.com/2015/06/11/federal-hack-union/, fingerprints (for 1.1 million of the aforementioned total), data from interviews conducted by background investigators and usernames and passwords used by applicants who filled out background check paperwork.
It's bad, and the OPM knows it is--but the agency is trying to mitigate the situation. The organization's cybersecurity pagehttps://www.opm.gov/cybersecurity/ has been updated with a list of steps you can take to protect your identity, including warnings signs of identify theft, tips to update your passwords and avoid phishing scams, and what to do if you think you might be a victim. If you are affected by the hack, the OPM is willing to help--victims will be automatically be enrolled in 18 months of identity theft insurance, a identity restoration program and credit monitoring programs.
Think you might be affected? Check out:
https://www.opm.gov/cybersecurity/
How you may be affected
If you underwent a background investigation through OPM in 2000 or afterwards (which occurs through the submission of forms SF-86, SF-85, or SF-85P for either a new investigation or a reinvestigation), it is highly likely that you are impacted by the incident involving background investigations. If you underwent a background investigation prior to 2000, you still may be impacted, but it is less likely.
Wayne Billing Classroom Technology Support Audio Visual and Classroom Technology Support Computer and Network Support 130 Machray Hall Building 204-474-6649 204-807-3153 (cell) 204-474-7625 (fax) Wayne.Billing@umanitoba.camailto:Wayne.Billing@umanitoba.ca
