The Office of Personnel Management (OPM) was breached and the Social Security numbers of every federal worker was stolen. Some of those records had surfaced on the darknet.

American Federation of Government Employees (AFGE) President David Cox said, “Based on the sketchy information OPM has provided, we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees.”

The breach included: “every affected person's Social Security number, military records and veterans' status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; age, gender, race, union status, and more."

Richard Blech, CEO and co-founder of Secure Channels said: “while you can get a new credit card number, you are not going to get a new Social Security number or some of the other user identity sensitive data.”

Phil Lieberman, CEO of Lieberman Software, took the federal government to task for preaching security to private industry but not taking that advice to heart itself.

“Here with OPM we have an agency entrusted with the defense of its government employees ignoring the guidance given by the government, as well as failing to implement off-the-shelf technologies that are common to the commercial realm.”

Senate Majority Leader Mitch McConnell, R-Ky., used the breach to try to push through the Cybersecurity Information Sharing Act (CISA) as an amendment to the Defense Authorization Bill.

Source: SCMagazine