The agency tasked with recruiting workers for the US government has fessed up to allowing the personal details of 4 million people to be stolen by hackers.
The US Office of Personnel Management (OPM) has sent out an alert to current and former government employees warning of the data breach.
"Beginning June 8 and continuing through June 19, OPM will be sending notifications to approximately 4 million individuals whose Personally Identifiable Information was potentially compromised in this incident," the OPM said.
The OPM alert does not disclose just what information was lost but said that it would provide credit monitoring and identity monitoring to all those who had their information swiped.
According to OPM, the breach was only discovered earlier this year when the agency decided it needed to improve security in its IT department.
"Within the last year, OPM has undertaken an aggressive effort to update its cybersecurity posture, adding numerous tools and capabilities to its networks," the agency said.
"As a result, in April 2015, OPM became aware of the incident affecting its information technology systems and data that predated the adoption of these security controls."
OPM maintains that since the breach was spotted, it has improved its security protections on employee data and is now working with the FBI and the US-Computer Emergency Response Team (US-Cert) to investigate the breach.
OPM is tasked with hiring the employees who staff the various US government jobs. The agency fills positions in the government in cooperation with Congress and labor unions.
The office said it will notify those who have been exposed via email or, when no email address is present, via US post. Those who have had their data leaked will be able to receive 18 months of free credit monitoring and identity theft protection. ®