The Office of Personnel Management is reaching out to those whose Social Security numbers and other personal information may be involved in a cybersecurity breach of federal background investigation records. Office of Personnel Management letters went into the mail beginning Sept. 30, 2015, as part of a notification process that officials expect to last about 12 weeks. Recipients include active-duty service members, veterans and current, former and prospective federal employees and contractors. Spouses and cohabitants whose Social Security numbers and other personal information were included in the intrusion are also receiving letters.
The Office of Personnel Management is sending notification letters in the names of deceased individuals because each year, thieves steal the identities of nearly 2.5 million deceased Americans. To reduce the likelihood of any misuse, the government is offering identify theft protection and credit monitoring services for deceased individuals. The government is also offering identity theft protection services to any deceased individuals’ dependent children who were younger than the age of 18 as of July 1, 2015. These services include identity monitoring, identity theft insurance and identity restoration services for the next three years.
The Office of Personnel Management apologizes if the receipt of this letter causes any distress.
The deceased and any eligible dependents may be enrolled in these services through the Office of Personnel Management’s Cybersecurity Resource Center using the 25-digit personal identification number provided in the notification letter. Other personal information about the deceased, including the last four digits of the individual’s Social Security number, will be necessary to enroll. Please note that the 25-digit PIN includes only numbers and does not include any letters or special characters.
Read More »
Here’s what you need to know about the Office of Personnel Management breach:
- Do not provide your personal information to anyone who seeks it in connection with the Office of Personnel Management breach of information. No requests for confirmation of personal information will come from the Office of Personnel Management or legitimate identification experts.
- Thieves took sensitive information, including Social Security numbers of 21.5 million individuals, from background investigation databases. This includes 19.7 million background check applicants and 1.8 million nonapplicants — primarily applicants’ spouses or cohabitants. Some records also include interview findings and approximately 5.6 million include fingerprints. Usernames and passwords that applicants used on their forms are also part of the breach.
- Surviving spouses whose Social Security number and personally-identifiable information may be part of the breach will receive letters informing them that while the Office of Personnel Management is not aware of any misuse of that information, it is providing a comprehensive suite of identity theft protection and monitoring services.
- The Office of Personnel Management will offer free services including credit and identity monitoring, identity theft insurance and identity restoration until Dec. 31, 2018. The same protection and services will apply to children of those impacted by the breach.
- The Office of Personnel Management discovered a separate but related cybersecurity breach earlier in the year. It involved personnel data — such as full name, birth date, home address and Social Security number — of 4.2 million current and former federal employees. The office has already sent notifications about that earlier breach.
- The Office of Personnel Management has teamed with the Department of Homeland Security and Federal Bureau of Investigation to investigate the breaches and prevent future thefts.
Turn to the Office of Personnel Management’s Cybersecurity Resource Center to find out more about the cybersecurity breach, what steps the government is taking to protect people and what individuals can do to help protect themselves.