GSA, Navy start the clock on giving 22 million data breach victims protections

The 22 million victims of the second data breach suffered by the Office of Personnel Management are one step closer to getting protections.

The General Services Administration and Naval Sea Systems Command released request for quotes late Tuesday night for both a new credit monitoring and identity protection contract and the first task order under that contract.

GSA delayed issuing the much-awaited solicitation for data breach services by about a week. GSA and the Navy took over the acquisition aspects for the second data breach. OPM’s first award to Winvale and CSID raised some eyebrows in the federal community and especially on Capitol Hill.

Under the first task order, the Naval Sea Systems Command is looking for vendors to provide commercially available data breach recovery services, which include credit and identity monitoring services, identity theft insurance, identity restoration services, as well as website services and call center services.

The RFQ also requires the vendor to provide services to an estimated 6.4 million federal employee dependents that may have been impacted by the breach. This could bring the total number of victims to more than 28 million depending on how many dependents are impacted as well.

The GSA-led blanket purchase agreement is a broad solicitation covering 11 services including risk assessment and mitigation, data breach analysis and comprehensive protection services.

GSA says it expects the Office of Management and Budget to give the BPA “a strong usage designation.”

The deadline to submit bids for both the BPA and the first task order is Aug. 14. GSA and the Navy expect to make awards by Aug. 21.

“The requirements included in this RFQ were developed by a federal interagency working group with representatives from the Office of Management and Budget, Office of Personnel Management, Department of Defense, Department of Homeland Security, Federal Trade Commission, and GSA,” the agency wrote in the RFQ. “As this solution supports core category management principles to reduce duplication and promote best-in-class solutions, the government expects the resulting BPAs to be the preferred source for federal agencies to acquire data breach response and protection services and will be available for use by all federal agencies. The Office of Management and Budget may provide further instructions to federal agencies on use of this vehicle.”

Read all of Federal News Radio’s coverage of the OPM Cyber Breach.

Related Stories

    Federal News Radio pinwheel icon

    GSA, Navy start the clock on giving 22 million data breach victims protections

    Read more
    Federal News Radio pinwheel icon

    House lawmakers zero in on concerns about credit monitoring contract

    Read more

Comments