On June 4, 2015, the Office of Personnel Management (“OPM”) announced it would notify approximately four million current and former federal applicants and employees that its software system had been hacked and employees’ personal identifiable information (“PII”) had been stolen. In order to access the OPM’s database, hackers stole valid user credentials. By using credentials to get into the software system, hackers could sneak data out of the network over the Internet, hiding its activity internally among normal traffic. OPM has placed the blame on KeyPoint, a private OPM contractor that handles federal background checks, stating that hackers “leveraged a compromised KeyPoint users credential to gain access to the OPM network.”
Following OPM’s June 4 disclosure, CNN reported that 18 million federal employees and contractors potentially had their PII stolen in the breach. Officials have reported that hackers stole OPM files that contain employee performance records, employment history, employment benefits information, federal job applications, resumes, school transcripts, documentation of military service, and birth certificates. The compromised federal job applications include social security numbers, mailing addresses, birthplaces, and other names used. Hackers have also accessed SF-86 forms, which all service members and civilians seeking security clearance are required to fill out. The SF-86 forms require federal applicants to disclose personal information about details on alcohol and drug use, mental illness, credit ratings, bankruptcies, arrest records, and court actions.
Girard Gibbs Files a Class Action Lawsuit
On June 29, 2015, Girard Gibbs LLP filed a class action against the OPM, OPM’s officers, and KeyPoint on behalf of current, former, and prospective employees and contractors whose personal information was compromised in the data breach. Plaintiffs allege that the Office of Personnel Management failed to maintain federally mandated security measures and KeyPoint negligently failed to protect its security credentials, making OPM’s networks vulnerable to attack. You can read a copy of the complaint here.
Has your information been affected by the OPM data breach?
If you are a current or former employee of the federal government and you believe your personal information has been compromised, we would like to hear from you. Please fill out the form on the right or call toll-free at (866) 981-4800 if you would like to speak to a privacy attorney.