The Office of Personnel Management has sent out more than 17 million letters to victims of the second massive data breach. But federal employees and their family members who are still waiting to hear whether they were impacted by the cyber attack now have a place to go to find out.
OPM officially opened the verification center for business Dec. 1, specifically for those former and current federal employees and their families who haven’t received letters, but think they may have been impacted, and for those people who have received letters but their personal identification number (PIN) isn’t working or has been lost.
But a senior OPM official is asking them to wait at least another week to 10 days until OPM finishes sending out letters to about 93 percent of the estimated 21.5 million former and current federal employees and their families.
OPM says the site will be available through the end of December 2018. OPM says if individuals cannot get their questions answered online, they may request assistance by calling 866-408-4555 and speaking with an agent. The call center will be open from 9 a.m. to 9 p.m. Eastern Standard Time, Monday through Friday.
“The individual will call or preferably go online to the verification center’s website and they will be asked for information about themselves like their Social Security number, name, date of birth, address and other information, but then they will not receive immediate feedback — a yes or no as to whether they’ve been affected,” said the senior official, who requested to speak on background in order to talk about the site before it was officially launched. “Once that information is submitted, they will receive a Postal Service letter in the mail two to four weeks later. It will include a 25-digit PIN number if they have been impacted. If they have not been impacted, the letter will state that.”
The official said the reason for the further delay in getting the notice is two-fold. First, the official said it’s related to security and protecting the current or former employees’ personal information.
“We’ve made the determination that security is really one of the most important aspects of it, and we are trading off some customer experience for security experience,” the official said. “We want to make sure that we are securing individuals’ information and that we are doing the due diligence to do verification. The verification website is not directly connected to the government database we are using for the matching or verification. The verification center will input the employees’ data, move the data to the government system to verify whether or not they were impacted. Then we will develop a mailing list through the Defense Logistics Agency and send the letters to USPS for mailing.”
The official said the second reason is related to an additional measure to protect sensitive populations in the database, such as those with top secret clearances.
OPM said back in November the verification center was close to opening and undergoing testing.
The Defense Information Systems Agency awarded a $1.8 million contract to Advanced Onion, Inc. in September to build the online notification center for OPM, as well as a system that tracks notification letters that have bounced back.
“We know we need a resource for people who have been impacted but for whatever reason haven’t received a letter, and we need a resource for people who want to find out,” the official said. “One of the things we know is the way we take data out of system, like data about spouses goes away more quickly than that of applicants. We know there are 1.8 million spouses or cohabitants as part of the 21.5 million person notification, and undoubtedly more than that have been in system. We anticipate those people may believe they have been impacted, but actually their data has gone out of system but want to know their status.”
One common challenge for OPM has been keeping up with the volume of former and current federal employees calling or contacting them about the breach.
The official said the agency worked with DoD to load-test the website and has performance measures in place, through the contract with ID Experts awarded in September, to ensure they can handle the expected call center volumes.