The number of individuals affected by the Office of Personnel Management's (OPM) data breach continues to grow and grow. Initially, OPM estimated the breach affected 4.2 million Government workers. Since then, the estimate rose to 14 million people and yesterday, CNN reported the breach has reached 18 million people - current and former Government employees, applicants for Government jobs, and contractor personnel applications for security clearances.
Yesterday, the OPM Director Katherine Archuleta, testifying before Congress stated that no one at OPM was responsible for the breach. She blamed a Government contractor who performed background checks on people applying for security clearances of carelessly guarding the keys to data. She also blamed antiquated computer systems in OPM that are badly in need of upgrades. Don't know how far those excuses are going to get the Director - many in Congress are calling for her resignation.
The actual number of people affected by the data breach is undoubtedly much higher than any current estimate. The hacked database that stores information used for security clearances (e.g. the SF86 questionnaires) contains private information of family members and other associates for every Government official affected.
Government contractors need to be cognizant of the fact that they too are at risk. Not only do they have "cleared" employees but their ranks are full of former Government employees whose personal information has probably been compromised. One of the great fears expressed by various pundits expounding on the matter is the fact that Government workers and contract employees holding security clearances might be susceptible to blackmail if those purloined records contain any compromising information.
Contractors should consider what, if any, actions they need to take to mitigate possible adversities from having employees' information compromised.
No comments:
Post a Comment