It is hard to believe that ten years have gone by since the devastating hack of the US Office of Personnel Management (OPM). OPM handles all personnel matters for government employees, including all associated government documents. BTW - I was a federal employee for 20 years and I am quite confident the CCP has all my personal information. Ten years ago, that was big news. Today, the threat remains high.
US Senator Mark Warner warned the OPM last week that it should not end government contracts that were established after a massive 2015 hack to protect federal employees and others whose sensitive data was compromised. In a letter to OPM, Warner cautioned that the Department of Government Efficiency’s (DoGE) ongoing efforts to trim back government contracts should not extend to those shielding the 21.5 million people whose Social Security numbers, birthdates and addresses were accessed by China a decade ago.[1] Fingerprints and financial and medical records also were compromised for 1.1 million people affected by the hacks, Warner noted to acting OPM Director Charles Ezell.
DoGE has signaled that it may strip the identity protection services put in place to protect the employees from further victimization, said Warner, a Democrat who is vice chairman of the Intelligence Committee and represents Virginia, which has a large population of federal workers. “The federal workforce was dangerously exposed by the 2015 OPM breach, and millions of impacted individuals will continue to be at risk because of the breach, likely for the remainder of their lives,” Warner said, calling the fingerprints and health and medical records some of the “most valuable information today on the dark web.”
Congress eventually enacted legislation by Warner to establish the identity protections services as part of a larger spending bill. “Given the recent personnel cuts to OPM and Elon Musk’s imminent departure from the Trump administration, I am deeply concerned that OPM is planning to curtail identity theft monitoring for millions of public servants and their families whose information was compromised in 2015,” Warner wrote, noting that the identity protection services are required by law. Warner asked Ezell to notify Congress immediately if OPM does decide to change or eliminate the identity protection services.
OPM has been one of the federal agencies helping DOGE to implement cuts to personnel and budgets across the government. The agency did not respond to a request for comment.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
[1] https://therecord.media/opm-federal-employee-data-protection-contracts-2015-hack-warner/
Comments