The United States Office of Personnel Management (OPM), which oversees all civilian government workers, was hacked. What makes this OPM hack so scary is that many of the records obtained were SF-86 forms containing very sensitive and personal information from background checks performed on potential employees. Along with the information, hackers got away with millions of fingerprints. The OPM data breach led to a congressional hearing and, eventually, the resignation of the CEO due to shoddy security practices that allowed the data breach to happen. Even after an exhaustive investigation, exactly how the breach occurred is still not clear, which is concerning. How can the OPM protect against future attacks if they cannot discern how this one happened?
When Was the OPM Data Breach?
The OPM hack occurred during a few attacks beginning in November of 2013 and continuing until May 7, 2014. It wasn’t discovered until April 15, 2015. OPM officials estimated roughly 4 million people’s records were stolen during this incident. U.S. federal officials claim this is one of the largest government data breaches in history. In August of 2017, the FBI caught and arrested a Chinese national (Yu Pingan) thought to be responsible for the malware which stole the content.
How to Check if Your Data Was Breached
Although there is no public website where you can visit to check to see if your information was among that which was stolen, you can contact the OPM directly to inquire. The FTC and FBI have been heavily involved in the investigation, and they may have additional information for victims as well.
Victim of OPM Hack? Here's What to Do
If you worked for the government or applied for a job and were one of the unfortunate people to have their private information stolen during this OPM data breach, you should take a few steps immediately.
- The first and most important one is to protect your credit by getting a copy of your credit report and signing up for ongoing credit monitoring services with a reputable company like IDStrong.com.
- You should also continue to monitor all your credits and bank statements scouring for illegal activity each month.
- Be sure to watch out for scam or phishing emails and never click any links or download attachments, especially if the email has strong language urging you to do something quickly.
- You may also contact the authorities and report any fraud or identity theft if it occurs.
Can OPM Breach Information be Used for Identity Theft?
The OPM hack included such vast and overreaching personal information from background checks there is no telling how many ways cybercriminal might use this data to gain access to credit card or bank accounts, steal identities or worse. Along with personal details, more specific lifestyle information would have been included making it easy for hackers to breach logins and affect other areas of life. You cannot be too careful when protecting yourself against identity theft.
How to Protect Yourself from Cases Like OPM Hack
Unfortunately for OPM and the victims, the damage is done. Going forward, however, there are things to do to protect yourself and keep your identity safe. First and foremost, never give out any personal information to anyone unless absolutely necessary.
- Ask about security protocols and how and where your data will be stored.
- Limit your credit card usage online and never use a debit card to pay for things online.
- Monitor your bank and credit card statements carefully each month and look for fraud. If you find any suspicious activity, alert your banking institution immediately.
- Keep your computer updated with the latest antivirus software and run scans often.
- Watch out for suspicious-sounding emails; they could be phishing attempts that might infect your computer with a virus, malware, or ransomware.