The editorial content on this page is not provided by any of the companies mentioned, and has not been reviewed, approved or otherwise endorsed by any of these entities. Opinions expressed here are author’s alone.
The U.S. Office of Personnel Management (OPM) announced on July 9, 2015 that 21.5 million Social Security numbers along with other personal information has been stolen from government databases. The hacks were discovered in April and June in two separate investigations.
The leaked information was collected during security clearance investigations, also known as background checks. Depending on your position in the US military, chances are you have at least a Secret level clearance and possibly higher (Top Secret, SCI, etc.). This clearance was probably obtained during an SSBI, or Single Scope Background Investigation.
So what kind of information was potentially compromised?
- Social Security Numbers
- Residency and educational history
- Employment history
- Information about immediate family and personal and business acquaintances
- Health, criminal and financial history that would have been provided as part of your background investigation
- Some information regarding mental health and financial history
So what does that mean for you? OPM says “if you are a current or former Federal government employee, including members of the U.S. military, you may have been impacted by the incident.” In another paragraph OPM states that “it is highly likely that you are impacted by the incident.”
What To Do About OPM Data Breach
At this point it's probably safest to assume that your Social Security number has been compromised. OPM will be mailing out notices to those effected within the next few weeks, but it's best to take action early.
There's a few things you can do immediately:
- Start monitoring your credit score for free using Credit Sesame or any of these free credit score monitoring services. Especially watch for new lines of credit or credit requests that you did not order.
- Check your credit report from the 3 credit bureaus at AnnualCreditReport.com, the only officially free, federal government sanctioned credit report website. Looks for inquiries, lines of credit, and addresses that you don't recognize. Dispute any unauthorized or suspicious information.
- Place a “Fraud Alert” with one of the three credit bureaus. Once one company has been informed that you suspect you may be a victim of identity theft soon they must notify the other two credit bureaus. I would just place a Fraud Alert with all three to be sure though.
- Review information on IdentityTheft.gov, a Federal Trade Commission site that explains the process to recover your identity and your rights in the process.
- Watch for “phishing” and “spear phishing” emails scams. Be very wary of clicking any links or downloading any documents that appear to come to you from your bank or credit card companies.
Fraud Alert Links
OPM also noted that information about family members and close contacts (friends) that you listed on the form when you applied for your security clearance also probably leaked. However, OPM says that:
In many cases, the information about these individuals is the same as what is generally available in public forums such as online directories or social media, and therefore generally does not present the same level of risk of identity theft or other issues.
I agree that while annoying, family members and close contacts probably did not have as much personal information released. Certainly no SSNs, criminal information, mental health history, financial history, etc.
The agency is providing the following services in the coming weeks. These services will be available for those effected by the data breach for free for three years. You will be notified via mail if you've been effected by the breach so watch your mail in the coming weeks.
- Full service identity restoration support and victim recovery assistance
- Identity theft insurance
- Identity monitoring for minor children
- Continuous credit monitoring
- Fraud monitoring services beyond credit files
A call center will also be established “in the coming weeks.” If you are effected by the hack, you'll be able to call in for individual attention.
I'll be updating this post as more information comes out. You can find more details and information directly from the source on OPM's website.