Last week the U.S. federal government announced a massive data breach occurred that targeted millions of federal employees. And Friday (June 12), there were new indications of just how deep and far-flung the attack was.
In a June 11 letter penned by J. David Cox, president of the American Federation of Federal Employees — which represents more than 670,000 workers — and addressed to Katherine Archuleta, who heads the Office of Personnel and Management, it emerged that hackers compromised data the data of every federal employee, retiree, and up to 1 million former federal employees, Re/Code reported.
The scope of data pilfered runs the gamut from “every person’s Social Security number, military records, veterans’ status information, address, birth date, job and pay history, health insurance, life insurance and pension information,” Cox’s letter notes. Initial reports have put the number of individuals compromised at roughly 4 million, with a criminal investigation via the FBI ongoing.
The letter also states that Cox’s organization believes the Social Security data, in particular, was not in fact encrypted – an oversight that constitutes a “cybersecurity failure that is absolutely indefensible and outrageous.”
In a recommendation for redress, Cox wrote that the government should offer employees lifetime credit monitoring, significantly above the 18 months of monitoring that has thus far been offered, and liability insurance to cover breach-related costs.
Thus far, the FBI has not explicitly indicated who might be responsible for the breach. Earlier in the week, members of the U.S. Senate Intelligence Committee said that the attack appears to be state-sponsored, with reports indicating that China may have been behind the attack. Separately, two committee members held a conference call with reporters to push for an additional $32 million in funding, as requested by OPM, for technology upgrades at the agency.
To check out what else is HOT in the world of payments, click here.