OPM Breach, did you get the letter?

Sort by newest Sort by date
I bet the hack was to find out who the spies are or who they can turn into an informant/spy for them.
I'm not high enough or low enough on the food chain to get a second look.
If they try to sell the information there is so much of it they might get a buck or two per person. Wooo!!! $16-32M!!! That will pay off some of their debt. :D
 
Subject: AYSA: Memo: DoD CIO Personal Note to the Workforce on OPM Data Breach

(UNCLASSIFIED)

CLASSIFICATION: UNCLASSIFIED

SUBJECT: DoD CIO Personal Note to the Workforce on OPM Data Breach Progress

DoD Team Mates,

I am writing to update you on progress made to help those within the DoD
community who have been impacted by one of the largest data breaches ever
carried out against the U.S. Government. The second Office of Personnel
Management (OPM) data breach affected background investigation records of 21.5
million military, civilian, and contractor personnel. Attached is the postmaster
and blog that OPM that sent to its workforce earlier today, and I wanted to
address some issues for DoD in this letter.

Given the nature of our work and the requirement to hold a clearance, a large
portion of the Department was affected. I want to explain what you can expect
over the next several months as we work with our federal partners to notify as
many of you as possible.

The Government awarded a contract to Theft Guard Solutions, Inc., doing business
as ID Experts, in September 2015. ID Experts will provide a suite of identity
theft and credit monitoring services for up to three years, at no cost, to
impacted individuals and their dependent minor children.

This week, the Government began sending notification letters to impacted
individuals via U.S. Postal mail. Notifications will only be sent via postal
mail. If you are contacted by email or other means, do not provide any
information. The notification letter will come from OPM, include a unique
personal identification number (PIN), and explain the enrollment process. ID
Experts does not have your personal information, so if you decide to enroll in
credit monitoring services, you will be required to provide certain Personally
Identifiable Information (PII). We anticipate that the notification process will
take a considerable amount of time - likely several months.

Approximately 5.6 million of the affected individuals also had their
fingerprints compromised. If an individual's fingerprints were taken, this will
specifically be noted in their letter.

In addition to the services the U. S. Government is offering, there are actions
that you can take to protect yourself and your family. Please see the attached
list of tools and information to help guard yourself from risks associated with
breaches of PII.

DoD leadership will continue to provide you with information about the
notification process and how to protect your PII in the coming months. Many of
your questions may be answered at OPM's online cybersecurity resource center at
www.opm.gov/cybersecurity. I thank you for your continued cooperation and
patience as we work to notify you individually and provide you these identity
theft protections and resources.

// Signed //

T. A. Halvorsen
 
What angers me most about the OPM's "generous" offer of credit monitoring is that it applies ONLY to the impacted individuals and their dependent, minor children. That is BS. The fact is I have been a federal employee for 27 years, and my children are no longer minors, and one isn't even my dependent. But, they both WERE my dependents at the time of my last Security Clearance and their data hasn't changed. So, because they are no longer minors, they won't be negatively impacted?? That couldn't be FURTHER from the truth! They are probably at the greatest risk! How much more stupid can they be!
 
Got the letter the other week, but I feel like there's a breach of my personal info every 6 months or so now-a-days. With working for the Bureau of Prisons AND being reserve military, it's a double whammy as my chances are 2x as good for my info to get out. But I know you run that risk at any company you work for honestly.
 
Got my letter today. Same as reported before. My fingerprints are out there but NBD. Spouse, dependent children over 18 and all friends/relatives info stolen as well. Fear not! Same letter posted before but signed by the then or current acting OPM chief.

All is well. Just adding data to the thread.

PO
 
This was on Nextgov.com Friday, November 20th.
Federal Technology News and Analysis for IT Managers & Acquisition Teams


New Pentagon Website Can Tell If You Were Hacked by China
New Pentagon Website Can Tell If You Were Hacked by China - Nextgov.com

Below are some excerpts from the article. Bottom line though is that the website is not available to check unless you have been notified by OPM. There is a website mentioned in the article but I can't get into it, osd.mil.


"Anyone who has undergone a federal background check to handle classified information, or is a child or spouse of such an individual, now can visit a Pentagon-hosted website to check if personal data is in the hands of suspected Chinese spies."

"It is ready for prime time," Paul Temple, chief executive officer of Advanced Onion, the intelligence contractor that built the system, said earlier on Friday. "It is definitely up and running."

"Advanced Onion would not provide a link to the site, because the company did not have permission from the government."

"OPM spokesman Sam Schumach told Nextgov Friday evening. "It will be fully advertised within the next couple weeks," once all the mailed notifications have either been delivered or returned."

""We're right over the 13 million mark," and sending up to 800,000 letters a day, he said. All the notices should be in the mail by the first week of December, Schumach added."
 
I got a letter. It didn't specify that my records had been hacked. One of those "just as a precaution" letters.
I signed up for 3 years of free monitoring.
 
My wife and I got our letters the same day last week. I signed us up for the monitoring, to supplement my Lifelock account.

Waiting for the next breach...
 
Oh happy day.

Chairman Mao apparently has my complete vitals as well, according to OPM's letter received last week.
chairman_mao.jpg

So I wonder- why does it take OPM TWO MONTHS to send me a notice?

Must be that, alphabetically, my last name falls later in the alphabet.
 
this is all too funny. the good thing about being on the list is that your data has already been stolen a long time ago, and nothing bad has happened, it is a known quantity. the bad thing about not being on the list is that you are the next target, and there is no free monitoring safety for you. everybody wants what they don't already have.

silly rabbits, worrying about your carrots when it is the fox you should fear.
 
Got my letter in the mail yesterday. Now I'm curious, is it the most recent information or from when I first hired into the government or all of it? I hired into NASA in 1974 and retired in 2012. Then got rehired as a contractor in 2014. One of the guys I work with got hired just after me in 2014 and he got a letter. His first time applying for a government position. If my retirement information was grabbed then I have to worry about my married daughters because they are on there as beneficiaries. If the information grabbed was just after my rehire then I only have to worry about my wife's information. Sure would like to know how far back the information grab goes.
 
some of the latest on the OPM breach. Be careful out there, everyone.

https://threatpost.com/locky-targets-opm-breach-victims/121879/


See more at: Locky Targets OPM Breach Victims https://wp.me/p3AjUX-vHN
A phishing campaign pushing Locky ransomware is targeting some of the 22 million victims of the massive United States Office of Personnel Management breaches of 2014 and 2015. According to researchers at PhishMe Intelligence, the campaign involves attackers impersonating OPM representatives who are targeting government contractors and workers that have had personal information stolen from them. Related Posts Inside the RIG Exploit Kit November 4, 2016 , 5:58 pm Nymaim Dropper Updates Delivery, Obfuscation Methods October 31, 2016 , 3:57 pm Following Lull, New Campaigns Pushing Retooled ‘Pumpkin’ Locky October 25, 2016 , 1:13 pm Attackers are using phishing messages that warn targets that the OPM has detected “suspicious movements” in their bank accounts. The email goes onto ask recipients to “examine the attached scanned record.” At the bottom of the phishing attack messages is the email signature of Elis Lucas, account manager with the U.S. Office of Personnel Management. The attachment is a zip archive that when launched runs a JavaScript application that downloads and runs a sample of the Locky encryption ransomware.

See more at: Locky Targets OPM Breach Victims https://wp.me/p3AjUX-vHN
Attackers are using phishing messages that warn targets that the OPM has detected “suspicious movements” in their bank accounts. The email goes onto ask recipients to “examine the attached scanned record.” At the bottom of the phishing attack messages is the email signature of Elis Lucas, account manager with the U.S. Office of Personnel Management. The attachment is a zip archive that when launched runs a JavaScript application that downloads and runs a sample of the Locky encryption ransomware.

See more at: Locky Targets OPM Breach Victims https://wp.me/p3
 
You must log in or register to reply here.

Similar threads

tsptalk
  • Article Article
TSP Talk - Stocks mixed, and the TSP can mess up
Replies
0
Views
836
tsptalk
tsptalk
RevShark
  • Article Article
RevShark's Traditional Thanksgiving Post
Replies
0
Views
2K
RevShark
RevShark
tsptalk
  • Article Article
TSP Talk - Stocks bounce back from strange sell-off
Replies
0
Views
820
tsptalk
tsptalk
tsptalk
  • Article Article
TSP Talk: The one, two, three punch from FANG / MAGA triggers big rally
Replies
0
Views
365
tsptalk
tsptalk
tsptalk
  • Article Article
TSP Talk: A pause in the action, or the end of the rally?
Replies
0
Views
622
tsptalk
tsptalk
Back
Top