DoD paying more to protect its workers from OPM attack

The Defense Department’s bill to the Office of Personnel Management rose to $155 million last month in order to protect the 21.5 million current and former employees caught up in the cyber attack.

DoD shifted an extra $23 million from its budget to cover a suite of credit monitoring services for the department, according to a Sept. 18 reprogramming request.

The funds will go to pay for individual notifications, full service identity restoration support and victim recovery assistance. It also will fund identity theft insurance, identity monitoring for children, and continuous credit and fraud monitoring for DoD workers and contractors exposed by the OPM breach.

In July, DoD reprogrammed $132 million for the same services.

Advertisement

The Office of Personnel Management asked agencies in July to contribute money to help pay for data breach services for the victims of the massive cyber attack as well as pay a higher price in 2015 for security clearance processing.

DoD also requested to shift almost $15 million in September to support the 19.6 percent rate hike for security clearance processing that OPM is now charging.

The movement of funds must first be approved by Congress because DoD only has the authority to reprogram a certain amount of money per year.

The funds will be taken from savings realized by decreased gasoline prices. DoD’s Defense Working Capital Fund — which lets the department purchase and sell goods and items as if it were a company — has more money than expected due to volatility in the petroleum market.

DoD previously reprogrammed $132 million from the Army’s personnel accounts because of lower cost of living stipends paid overseas. The department took $17.6 million from the Navy’s selective re-enlistment bonuses account and almost $9 million from the Marine Corps’ funds to pay enlisted service members. It also found extra money from procurement accounts and operations and maintenance accounts.

The General Services Administration and the Naval Sea Systems Command released two solicitations Aug. 5 for data breach services to cover the victims of OPM’s breach and to create a long-term contract for any agency to use. ID Experts was awarded the $133 million contract to provide identity theft protection services.

OPM began sending out notification letters to the victims of the attack on Sept. 30.  The letters included information about the identity theft protection and credit monitoring services available at no cost to the individuals impacted by the breach.

Earlier this month the Defense Information Systems Agency awarded a $1.8 million contract to Advanced Onion Inc. to help find and notify the victims of the attack.

The defense and intelligence  tech company will build a website that helps users check if they’ve been impacted by the hack by securely logging into a site run by the Defense Manpower Data Center.

Under the one-year contract, Advanced Onion also will build a system that tracks notification emails that have bounced back from accounts and log why they were returned.