Victims of US gov't mega-breach still haven't been notified

Affected workers to receive aid starting 'later this month'

Nearly three months after the US Office of Personnel Management (OPM) discovered its databases had been compromised by Chinese hackers, the government still hasn't notified the employees and contractors affected by the breach.

On Tuesday, the OPM said it planned to start the process of informing victims "later this month," and that reaching everyone is expected to take several weeks.

The Department of Defense will send notifications directly to affected people by postal mail, the agency said.

"Millions of individuals, through no fault of their own, had their personal information stolen and we're committed to standing by them, supporting them, and protecting them against further victimization," OPM acting director Beth Cobert said in a statement, adding, "And as someone whose own information was stolen, I completely understand the concern and frustration people are feeling."

The OPM first noticed the hacking incidents in June, although it was later determined that the attackers had probably been slurping data from the agency's systems for more than a year.

At first it was thought that around 4 million individuals' records had been snaffled. But after a second leak was discovered, the total figure eventually ballooned to 21.5 million. Nearly all of them are still waiting to be notified as to whether they were affected.

Among the data that is thought to have leaked are records of Standard Form 86, an exhaustive questionnaire designed for people who are requesting security clearances. It covers just about every personal and financial detail about each applicant, including employment, criminal, and health records.

Naturally, many of the people whose information is now in the hands of the hackers – who are believed to have ties to the Chinese government – are currently employed in sensitive positions at various levels of the US government and military, making this particular data breach especially egregious.

Also on Tuesday, the OPM said it has secured a contract with a company to provide identity theft protection and monitoring services for everyone affected by the breach. Identity Theft Guard Solutions, doing business as ID Experts, will provide these services for free to victims and their dependent children under the age of 18 for a period of three years.

The total cost of the contract to the government will be $133,263,550 (£87,075,070), OPM said. By comparison, it earlier asked Congress for $21m to secure the systems that allowed the leak.

Anyone who's worried that they may be one of the ones whose information has been snatched can find more information and sign up for email alerts here. ®

Broader topics

Other stories you might like

  • China 'must seize TSMC' if the US were to impose sanctions
    So says Chinese economist, but it wouldn't achieve much if Taiwan destroyed its fabs first

    China should seize Taiwan to gain control of TSMC if the United States and its allies impose sanctions against the Middle Kingdom like those now in place against Russia, according to a prominent Chinese economist.

    The move follows the suggestion last year out of the US that Taiwan should be prepared to destroy its semiconductor factories if China were to invade.

    This latest development comes in a speech by Chen Wenling, chief economist for the China Center for International Economic Exchanges, delivered at the China-US Forum hosted by the Chongyang Institute for Financial Studies at Renmin University of China at the end of May. The text of the speech was posted to the Guancha (Observer) online news site.

    Continue reading
  • Former chip research professor jailed for not disclosing Chinese patents
    This is how Beijing illegally accesses US tech, say Feds

    The former director of the University of Arkansas’ High Density Electronics Center, a research facility that specialises in electronic packaging and multichip technology, has been jailed for a year for failing to disclose Chinese patents for his inventions.

    Professor Simon Saw-Teong Ang was in 2020 indicted for wire fraud and passport fraud, with the charges arising from what the US Department of Justice described as a failure to disclose “ties to companies and institutions in China” to the University of Arkansas or to the US government agencies for which the High Density Electronics Center conducted research under contract.

    At the time of the indictment, then assistant attorney general for national security John C. Demers described Ang’s actions as “a hallmark of the China’s targeting of research and academic collaborations within the United States in order to obtain U.S. technology illegally.” The DoJ statement about the indictment said Ang’s actions had negatively impacted NASA and the US Air Force.

    Continue reading
  • TikTok US traffic defaults to Oracle Cloud, Beijing can (allegedly) still have a look
    Alibaba hinted the gig was worth millions each year

    The US arm of Chinese social video app TikTok has revealed that it has changed the default location used to store users' creations to Oracle Cloud's stateside operations – a day after being accused of allowing its Chinese parent company to access American users' personal data.

    "Today, 100 percent of US user traffic is being routed to Oracle Cloud Infrastructure," the company stated in a post dated June 18.

    "For more than a year, we've been working with Oracle on several measures as part of our commercial relationship to better safeguard our app, systems, and the security of US user data," the post continues. "We still use our US and Singapore datacenters for backup, but as we continue our work we expect to delete US users' private data from our own datacenters and fully pivot to Oracle cloud servers located in the US."

    Continue reading
  • Whatever hit the Moon in March, it left this weird double crater
    NASA probe reveals strange hole created by suspected Chinese junk

    Pic When space junk crashed into the Moon earlier this year, it made not one but two craters on the lunar surface, judging from images revealed by NASA on Friday.

    Astronomers predicted a mysterious object would hit the Moon on March 4 after tracking the debris for months. The object was large, and believed to be a spent rocket booster from the Chinese National Space Administration's Long March 3C vehicle that launched the Chang'e 5-T1 spacecraft in 2014.

    The details are fuzzy. Space agencies tend to monitor junk closer to home, and don't really keep an eye on what might be littering other planetary objects. It was difficult to confirm the nature of the crash; experts reckoned it would probably leave behind a crater. Now, NASA's Lunar Reconnaissance Orbiter (LRO) has spied telltale signs of an impact at the surface. Pictures taken by the probe reveal an odd hole shaped like a peanut shell on the surface of the Moon, presumably caused by the Chinese junk.

    Continue reading

Biting the hand that feeds IT © 1998–2022