OPM warns 48,439 federal employees of data exposure

This story was updated on Dec. 19 at 7:41 a.m. with additional details. The Office of Personnel Management announced that “out of an abundance of caution” it would notify 48,439 federal employees that their personally identifiable data may have been exposed due to a compromised computer network at KeyPoint Government Solutions, the largest private provider of background check services for the federal government. “While there was no conclusive evidence to confirm sensitive information was removed from the system, it is possible that personally identifiable data may have been exposed,” OPM said in a statement obtained by Federal News Radio. Nathaly Arriola, speaking for the personnel office, said it will offer credit monitoring at no cost to those affected by the breach. OPM and its agency partners finished an investigation that confirmed that KeyPoint’s computer network had been compromised. In an earlier email within the agency, Donna Seymour, the chief information officer, said KeyPoint had added “numerous controls to continue to conduct business with the company without interruption.” She also said that 50 OPM workers had been affected by the breach but neither she nor Arriola would identify the other federal agencies with workers whose files were possibly affected. Neither Arriola nor Seymour said when the latest strike occurred or was reported to federal authorities, or whether a foreign state was suspected. “We take very seriously our responsibility to protect sensitive data in background investigations, and our top priority is to make sure the networks that handle that data are secure,” OPM said. “KeyPoint has worked closely with OPM to implement additional security controls that will afford its network greater protection.” This isn’t the first time this year that federal employees have faced the possibility of having their personal data exposed by hackers. An investigation revealed that Chinese hackers had broken into OPM’s own networks in March, accessing the files of tens of thousands of federal employees seeking top-secret clearances. KeyPoint became the largest private clearance firm working for federal agencies several months ago after rival contractor USIS lost its investigations business with the government following a devastating cyberattack reported earlier this year. The USIS breach, similar to previous hacking episodes traced to China, tainted the files of at least 25,000 DHS employees and prompted the personnel office’s decision to halt all of USIS’ government field work. That move led to the cancelation of more than $300 million in contracts with USIS. The Associated Press contributed to this story RELATED STORIES: Official says hackers hit up to 25,000 fed workers OPM’s crackdown on background check fraud leads to jail time — for some

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.