OPM hacked to the tune of 18 million victims
Fox News reports that the Office of Personnel Management has admitted that hackers have stolen the personally identifiable information (PII) of more than 18 million people. But, don’t worry, the OPM director, Katherine Archuleta, says that her agency is not to blame;
Grilled on whether anyone takes responsibility, Archuleta said only the perpetrators should be blamed — she said current failures result from decades of meager investment in security systems, but said changes are being made and in fact helped detect the latest breaches.
Yeah, it would be the bank robbers’ fault if they went in the bank and stolen money, but it’s the banker’s fault that the money is stolen if the banker starts storing the money on the sidewalk.
The Office of Personnel Management initially estimated about 4 million current and former government workers were affected by one of the hacks. But Fox News is told by multiple sources that lawmakers have been informed the number will grow to at least 18 million — and could, according to one source, soar to as high as 30 million.
I had to put the information of my family on the application for my security clearance, so I can see how the numbers would balloon. I guess no one in this administration is responsible for anything anymore.
Their contractor can go pound sand, too. I’m not putting my PII on another website for someone to lose. Lifelock tells me that they’ll do the same thing to monitor my information.
Category: Dumbass Bullshit
This is complete Bull Shit!
Hackers are one problem, but so are all the ‘legitimate’ sites that you give your information to. They say they don’t ‘share’ your information. They don’t have to. Example: I bought a car in January. I knew the kind I wanted and where to buy it, so I didn’t need to do any kind of market research online beforehand. I bought the car on a Saturday. On Monday, THERE WERE ADS DIRECTED TO ME, BOTH BY EMAIL AND POPUP, FOR THE KIND OF CAR AND ITS PRODUCTS THAT I BOUGHT. Now, granted, the information was given to a commercial company that makes money with marketing. My point is, the link between me, my credit, probably my bank, and my car purchase, is out there. So even though I don’t like hackers, how much worse can they be
than what we do when we put multiple links to ourselves out there every time we swipe a card?
So how far exactly does this go? Civilian government employees? DoD? Active, reserve, retired military? How far back?
You’d think simple questions had simple answers.
One report I read said mid-80s, anyone who has had a security clearance since then…military, civilian, AC, or RC. Yes, this is bad.
Link, please? I haven’t seen anything that explicitly gave a start date, and I’d certainly like to know how far back this went.
I’ve seen it in several places – “The data goes back to 1985”
https://www.yahoo.com/tech/s/data-obtained-u-government-hack-dates-back-1985-164013358–sector.html
Missed that. Thanks.
Jeezuz! what a farking mess
Oh, fucking great.
Unclear at this point, SEA. But it could end up being pretty bad.
Per public reports, there have been 2 distinct breaches. The first concerned OPM records. The second appears to have involved security clearance applications.
http://www.navytimes.com/story/military/2015/06/17/sf-86-security-clearance-breach-troops-affected-opm/28866125/
http://www.forbes.com/sites/katevinton/2015/06/12/report-new-government-data-breach-includes-sensitive-military-intelligence-personnel-data/
I haven’t seen any word on how far back the breach goes, chronologically.
Hondo, what’s your opinion on how far back such a breach would be pertinent? In other words, would something like a clearance obtained in the 1980’s be of any value to the hackers? Or would they be looking for fresher fish?
Not exactly my area of professional expertise, PN. And also not something I think best discussed in an open forum, so I’ll pass on speculating.
So would this be the reason why I got the odd letter in the mail on Friday, I’m guessing Friday I wasn’t home. Stating what I can do to secure my PII. I thought it was a joke at first.
My info has already been hacked by Home Depot, Target and Blue Cross Blue Shield and I have alerts on my credit as well as free monitoring and credit shield some company is paying for for me, wife and kids personal info because of the last hack so, HACK AWAY. At what point can’t my PII be hacked and alerted and put on security status any more.
It’s like being a little bit pregnant.
And, oh, by the way, Mr. Bernath, smartest lawyer in the entire world, it’s PII, look it up. Don’t try to make corrections blaming my ALS when you can’t make a simple Google search, you stupid bonehead. Tell Stephen Hawking ALS has made him dumber, asshole.
given today’s news stories about the lawsuit and the anesthesiologist, I am surprised Bernath is not busy scheduling colonoscopies. $$$$
Well, that might be one way his butt could make some money.
Which end would get the camera?
I really don’t understand why this is not getting more attention and why more people are not upset. This is an espionage dream come true. We have exposed all of our folks with any kind of security clearnace to CI and manipulation. The hackers apparently also had access to JPAS. I am not so much concerned for myself (I have been doing this a long time and I am just about done). I am concerned about all the other information the SF86/eQIP collected, as well as the investigation findings. This is bad, very bad. The following is an excellent article explaining just how extensive this breach is: http://arstechnica.com/security/2015/06/epic-fail-how-opm-hackers-tapped-the-mother-lode-of-espionage-data/
I agree. Windfall to the highest bidder.
I am so glad I stopped working for any government group a LOOOOONGGGG time ago!
How come there are no howling fits coming out of Congress about this? Isn’t their PII in there somewhere, too? They all have clearances, don’t they?
Can I get my tax money back?
It has already been reported that an OPM employee, while it Venezuela, communicated over the OPM system to a coworker who was, guess where…China. So yes they, their employees and said employees lack of common sense, care and due diligence are at fault.
Reference TAH thread at:
http://valorguardians.com/blog/?p=60482&cpage=1
Where “the Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment told the House Oversight and Government Reform Committee that the systems administrator for the information “was in Argentina and his co-worker was physically located in the [People’s Republic of China].”
You would think that “THE Systems Administrator for the information”, would know f’ing better, wouldn’t you?
I think it means that the hacker with the systems administrator’s credentials was in Venezuela. Not that actual administrator was in Venezuela.
Still waiting on my letter or email. We get emails from the VA CIO patting himself on the back while insinuating it’s the employees fault this happened. Mother Fuckers. Meanwhile I’m getting stupid texts that my bank Accts are being suspended. Not true. Something tells me they will try to leave a lot of us holding the bag. And it will be our faults it happened anyway.
There are no words.
Saying I am stunned, shocked, appalled would imply I didn’t think it possible.
Which I do/did. Now I am wondering how we got here and how we get out of it.
If you or I allowed people’s PII to be stolen, we would be fined into extinction, or thrown in jail to rot. Or both.