U.S. Sens. Mark R. Warner (D-VA), Barbara Mikulski (D-MD), Tim Kaine (D-VA) and Ben Cardin (D-MD) called on the Office of Personnel Management (OPM) to do more to protect federal employees whose personal information was compromised as a result of the massive data breach affecting OPM’s personnel records.
“Sensitive information belonging to members of our nation’s federal workforce deserves the highest level of protection. Unfortunately, there has been a lack of clarity around the extent of the December 2014 breach and what information was accessed or acquired by the perpetrators of this cyber attack,” the members wrote in a letter to OPM Director Katherine Archuleta. “We find it unacceptable that over two months lapsed between the discovery of the breach and OPM’s public disclosure of the breach. What is even more troubling is the fact that this is the second major breach that OPM has suffered in a year. Our federal employees deserve more timely and helpful information about this breach and the potential for significant disruptive impacts on their lives.”
Last Thursday, federal officials revealed that a security database breach in December 2014 had compromised the personal information – including Social Security numbers, birthdates, and addresses – of millions of current and former federal employees. In the wake of that announcement, OPM has announced that it will offer 18 months of credit monitoring service and identity theft protection to victims of the data breach.
In the letter, the Senators from Virginia and Maryland asked that OPM provide “a significantly longer period of credit monitoring than the current proposed 18 months” for those affected by the hack, noting that, “Should the data be used for damaging purposes after the credit monitoring term has ended, federal workers must be assured that the appropriate safeguards will be in place to alert and protect them from financial harm.”
The members also asked OPM to explain why the Social Security numbers of federal employees were not encrypted, a common practice that provides an additional layer of protection for workers’ personal information.
Share
Contributors
