Cyber verification center suffers missteps in first week

The Defense Department says the cybersecurity verification center had intermittent outages during the first three days it went online. DoD says it has fixed the...

The verification website set up by the Defense Department for former and current federal employees and their families to check if they have been impacted by the massive Office of Personnel Management cyber breach suffered a rough first week.

DoD officials said they have been troubleshooting their system after problems emerged with certain Internet browsers.

One reader sent Federal News Radio an email expressing frustration with the verification website.

“I went to the verification center website and decided to send in my request for verification, but the U.S. government’s default browser — IE — doesn’t work to send in your info,” the reader wrote. “I filled out the form and when I hit send nothing happens except a tiny notice in the bottom that says ‘Error on Page.’ Of course, it works just fine in Chrome, the non-default browser.”

DoD officials said in an email that they were aware of certain problems.

“The OPM Verification Website experienced intermittent outages from approximately 0830 ET, 2 Dec 2015 through 1700 ET 3 Dec 2015 due to a federal government network routing issue,” said a statement from DoD provided to Federal News Radio by OPM. “The issue was resolved at 1700ET 3 Dec 2015 with no subsequently reported outages.”

Federal employees and industry sources said former and current employees using Internet Explorer and some version of Google Chrome Web browsers were having trouble putting information into the verification website.

One industry source speculated the problems may have had to do with a security patch that isn’t supported by IE and some versions of Chrome.

Both Google and Microsoft issued security updates to their respective browsers over the last month, according to the U.S. Computer Emergency Readiness Team (US-CERT) at the Homeland Security Department.

“The verification center website was designed to securely protect your personal information. It has gone through a rigorous review and certification process to provide the necessary security protections,” OPM said in its latest set of frequently asked questions. “Continuous monitoring of the safety and security of the website has also been implemented.”

OPM launched the verification center on Dec. 1 that lets former and current federal employees and their families that haven’t been told their personal information stolen in the massive cyber breach impacting more than 21 million people ask if they are part of the group.

“We are sending out about 800,000 notification letters each day and we are on schedule to finish the mailing in the next two weeks. If you do not receive a letter by the middle of December, either the government could not identify a valid address for you after using both government and commercial data sources, or our records indicated that your Social Security Number was not compromised in the intrusion,” wrote acting OPM Director Beth Cobert in a Dec. 1 blog post. “So far nearly 1.2 million individuals have enrolled in the credit monitoring and identity protection services that the Federal Government is offering for three years, free of charge, to those individuals whose data was taken, and to their minor dependent children.”

DoD says the verification website continues to be a high priority.

“The government continues to monitor the site to ensure individuals who feel they may have been impacted but have not received a letter may request verification services,” DoD said in its statement. “Individuals that may be experiencing issues now or in the future should send an email to cybersecurity@opm.gov.”

This latest challenge comes on the heels of another website problem OPM faced. During Open Season, the Employee Express website struggled to handle the volume of traffic.

Read all of Federal News Radio’s coverage of the OPM Cyber Breach.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories