OPM Hack Exposes Records Of 4 Million Federal Employees
RENEE MONTAGNE, HOST:
The federal government is the latest target of a massive computer hack. A data breach of the computer system at the Office of Personnel Management, or OPM, may have exposed the personal data of some 4 million current and former federal employees. Officials are pointing the finger at China, but the incident is raising questions about the response of the U.S. government. Here's NPR's Brian Naylor.
BRIAN NAYLOR, BYLINE: OPM says it discovered the breach back in April and that what it calls personally identifiable information of current and former employees was hacked. OPM says it's since taken steps to tighten security in its computer systems. Jackie Simon is policy director for the American Federation of Government Employees, the largest federal workers union. She says the government knows a lot about its workers, information that has potentially been exposed.
JACKIE SIMON: It includes their military records, their veterans status, their pay, their position, their educational records, obviously, name, address, date of birth, marital status, information on their dependents, their health insurance, their retirement, their life insurance. You know, it goes on and on.
NAYLOR: The government says it will offer those affected by the breach free credit report access and credit monitoring and identity theft insurance for 18 months. But Simon says that's not long enough.
SIMON: What if something happens 24 months from now? You know, the government has some liability for this loss, and we're going to try to make sure that it meets all of its obligations.
NAYLOR: This is the second time in less than a year that OPM's computers were hacked. The last time was a much smaller breach, and officials blamed China. And that's who authorities believe was responsible for this hack. Maine Republican Senator Susan Collins, a member of the Senate Intelligence Committee, confirmed Beijing's apparent involvement to reporters. While the hack hit OPM's computers, it's worth noting that the agency serves as the HR department for most of the federal government, so workers across the government are affected. Another question is why it took OPM so long to report the breach, especially after the Obama administration called on corporations that had been hacked to report their breaches publicly in 30 days. Jeff Williams is chief technology officer for Contrast Security, a computer security firm.
JEFF WILLIAMS: I guess it's easy to say that, you know, corporations ought to do that. But when it comes right down to their agencies getting hacked, they're not quite as quick to push for disclosure.
NAYLOR: The FBI says it's investigating this breach and will hold accountable those who pose a threat in cyberspace. Brian Naylor, NPR News, Washington. Transcript provided by NPR, Copyright NPR.