OPM Data Breach

Sort by newest Sort by date
RealMoneyIssues said:
Mr. XXXX, where did you see that?


Sent from my (Daughter forcing me to use an) iPhone using Tapatalk...
Click to expand...
U.S. government hack could actually affect 18 million - CNNPolitics.com
Washington (CNN)The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management - more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to U.S. officials briefed on the investigation.
Click to expand...
 
OK. So I've enrolled. That matching the food thing threw me off for a bit. Those that have enrolled have you filled out al the other information; banking, passport, etc.?
 
nasa1974 said:
OK. So I've enrolled. That matching the food thing threw me off for a bit. Those that have enrolled have you filled out al the other information; banking, passport, etc.?
Click to expand...

I didn't see an option to add banking, passport, etc. information. Just name, rank & SSN. I could not match the hamburger images since only one picture looked like one. But I nailed the soup image. :cheesy:
 
nasa1974 said:
OK. So I've enrolled. That matching the food thing threw me off for a bit. Those that have enrolled have you filled out al the other information; banking, passport, etc.?
Click to expand...
No are we suppose to? Are they not supposed to have all of that information? I was going to change my password but when I tried OPM said mine was canceled due to me not using it for 15 months. I was thinking it may be better NOT to have one.:cool:
 
Skorcher said:
I didn't see an option to add banking, passport, etc. information. Just name, rank & SSN. I could not match the hamburger images since only one picture looked like one. But I nailed the soup image. :cheesy:
Click to expand...

Its there you may have to search around a little. I eventually stumbled into it. I did the fraud alerts on all three credit reporting agencies. You may want to consider security freezes as well. The protection provided doesn't protect our spouses so you may want to do the fraud alerts and/or security freeze for them as well. There are fees for the security freezes. Best of luck to us all! We'll need it!
 
nasa1974 said:
OK. So I've enrolled. That matching the food thing threw me off for a bit. Those that have enrolled have you filled out al the other information; banking, passport, etc.?
Click to expand...
Yes,I did. My Co-worker was a victim off identify theft,and his finacials were effected in such away by these hackers his attorney had him file bankruptcy. The judge apologized to him for this action knowing it was not his fault it just happens in this day and age. He joined Lifelock and has never had a problem yet,until now.
kave said:
Well got my notification when I arrived to work this morning! Ok so I get the free monitoring for the next 18 months, these hackers know that too. It's the months 19 and beyond that I'm worried about!
Click to expand...


Sent from my SAMSUNG-SM-N915A using Tapatalk
 
maui21ice said:
I heard the personal information were sent to China, and since this incident occurred, I've been hit with two $400+ transactions on a Chase Freedom credit card with both purchases being from China. My father, who is also a Federal Employee has had the same, but his totals are 8 occurrences with well over $11,000. All instances were reported and we did not have to pay.
Click to expand...

Of course we all realize, abstractly, that we did pay for the products and services received. Perhaps a product shipment was stopped but more likely received. The sellers will always pass the loss cost onward, assuming they are not small business and sent to bankruptcy, where we all pay again. Companies don't lose, employees and taxpayers and customers lose. But we don't collectively raise a stink to demand government and companies suffer when we suffer. Too busy with other things until it happens to us.
 
I knew there was a different thread from the one I posted in Thursday “FEDERAL EMPLOYEE DATA STOLEN!” and am bumping this one. Perhaps they should be combined and placed in “The Day Job/Federal Employees? I think this is too important to be fragmented in different places on the MB.

Updates are Ms Archuleta has resigned as of yesterday. You can see her blog at https://www.opm.gov/blogs/Director/

Another interesting thing is that the link to the announcement about the OPMCIO e-mail that wasn’t from the OPM CIO no longer works.

I saved a link to the URL for whatever that is worth.
Page Not Found
OPM’s Human Resources Solutions organization can help your agency answer ...

the emails will come from the sender “OPM CIO” from this address:

opmcio@csid.com. ...

One poster mentioned they were advised not to publicly divulge the e-mail address. Way too late to get that cat back in the bag as it already told all the other cats and they have all had a least one litter of kittens by now who also know.

Trying to keep it a little light but I think this subject ought to be in one thread.

PO
 
Is there any way we can get our spouses included?
My wife worked at OPM about 20 years ago and she has not gotten a letter.

Spouses PII data is part of USIS clearance investigation data.
 
Read Nasa’s links to govexec.
http://www.tsptalk.com/mb/news-and-...ployee-data-stolen-post505272.html#post505272

Reading other releases OPM does seem to admit the breaches include family members, no announcement has been made about them, other than one somewhere saying the info would be available from other sources. If I remember correctly, that statement was made about the first announced breech.

Read both threads, the links to govexec and any others you find and https://www.opm.gov/cybersecurity/. While at opm.gov look at https://www.opm.gov/news/latest-news/ . Start at https://www.opm.gov/ and follow the cybersecurity link.

Since the breach of the background information was announced (think the app is called e-quip) back in June everyone has realized that family member’s information was compromised. Everyone except maybe the US government.

Not trying to say “well duh Captain obvious” about your comment. :smile: It is good to have the question asked again.

Somewhere back in one of the threads is a reference to a statement that PII from before 2000 is less vulnerable or some such not reassuring language.

That’s all I know and why I think the two threads should be combined.

Yes pmaloney your and all the rest of us feds family members info was stolen. What the government is going to do about it to try to appease us has not yet been announced.

Much has been posted about credit monitoring and freezing accounts et. al. Other places to log in to and make sure you are being notified about any account changes are SSA.gov and whoever pays you.

If you ever filed income taxes electronically, IRS would be a good place to check but good luck figuring out how that works.

PO
 
Thanks for the reply. Also makes sense that it was e-QIP the SF 86 which was being developed as a Web Based App in the early 2000s.
 
As pointed out by a MB member, there was this article about the breech

Scammers leveraging OPM's credit monitoring offer -- FederalSoup.com
As anticipated, scammers apparently have started using the Office of Personnel Management offer of identity protection services for victims of the data breach to launch email "phishing" expeditions to trick recipients into sharing personal information.
Read the entire article and comments.

The original e-mail from opmcio@csid.com referred us to a link “https://www.csid.com/opm”.

US-CERT seems to be saying the right place is ”https://opm.csid.com”. They do all seem to take you to the same place in the end. Which is https://opm.csid.com/login.

I received a rather alarming e-mail from “opmsupport@csid.com” telling me my identity had been compromised in six ways. When I reread it every statement had “may” included. The link in the e-mail was to https://opm.csid.com. When I went to CSID by NOT clicking the link and using the link that may or may not have come from OPM when signing up, I found no alerts in the report. I also found that my free credit report was on order and would be available in December.

I think I was just phished and may have been phished by OPM.

Either “https://www.csid.com” or “https://opm.csid.com” take you to a login page https://opm.csid.com/login.

Just passing info along. I really do not know what is legit or not any more. Starting with the e-mail from “opmcio@csid.com”.
Good luck with all this everyone.

PO
 
PessOptimist said:
As pointed out by a MB member, there was this article about the breech

Scammers leveraging OPM's credit monitoring offer -- FederalSoup.com
As anticipated, scammers apparently have started using the Office of Personnel Management offer of identity protection services for victims of the data breach to launch email "phishing" expeditions to trick recipients into sharing personal information.
Read the entire article and comments.

The original e-mail from opmcio@csid.com referred us to a link “https://www.csid.com/opm”.

US-CERT seems to be saying the right place is ”https://opm.csid.com”. They do all seem to take you to the same place in the end. Which is https://opm.csid.com/login.

I received a rather alarming e-mail from “opmsupport@csid.com” telling me my identity had been compromised in six ways. When I reread it every statement had “may” included. The link in the e-mail was to https://opm.csid.com. When I went to CSID by NOT clicking the link and using the link that may or may not have come from OPM when signing up, I found no alerts in the report. I also found that my free credit report was on order and would be available in December.

I think I was just phished and may have been phished by OPM.

Either “https://www.csid.com” or “https://opm.csid.com” take you to a login page https://opm.csid.com/login.

Just passing info along. I really do not know what is legit or not any more. Starting with the e-mail from “opmcio@csid.com”.
Good luck with all this everyone.

PO
Click to expand...

when i was younger and something like this happened we used to just shrug our shoulders and say 'well roll me over and screw me in clover'. but that was before there were terabytes of personal and financial biography at risk on the ether. and probably some nude selfies, they were so much easier to limit the distribution list by polaroid.
 
burrocrat said:
when i was younger and something like this happened we used to just shrug our shoulders and say 'well roll me over and screw me in clover'. but that was before there were terabytes of personal and financial biography at risk on the ether. and probably some nude selfies, they were so much easier to limit the distribution list by polaroid.
Click to expand...
We used to have some sayings about rolling in clover but they were mostly about pleasant things.

Most of us including me are shrugging our shoulders and keeping on. Some of us are wondering about anything concerning csid.com including who opmcio at csid might really be. It wouldn’t surprise most of us if the .gov types had voluntarily turned it all over to a spoofed e-mail address. No prob for Ms Arguleta as she is now safely retired and Ms Seymour as she has taken swift decisive action to align herself with csid.

There ain’t **** we can do about it at this point except believe in the great faith we have in our employer.

Burro, I had an epiphany the other day about who you work for and what you do. You may have stated it somewhere but I missed it. Good on you for what you do. I am sure you know some asses are easier to move around than the human ones.

PO
 
I just got this emailed to me this morning.

"Your CSID identity protection report is now available. One or more of your reports have been updated."
 
Hi Nasa. Can you enlighten us on what that means? Not having received anything yet from OPM, I'm still in a read, learn and do-nothing mode. Thanks.

FS
 
FogSailing said:
Hi Nasa. Can you enlighten us on what that means? Not having received anything yet from OPM, I'm still in a read, learn and do-nothing mode. Thanks.

FS
Click to expand...

nasa1974 said:
I just got this emailed to me this morning.

"Your CSID identity protection report is now available. One or more of your reports have been updated."[/QUOTE

I'm not sure yet. My password is at home so I have to check it out later. I'll let you know.
Click to expand...
 
You must log in or register to reply here.

Similar threads

S
FEP Medicare Prescription Drug Program
Replies
6
Views
6K
evilanne
evilanne
tsptalk
  • Article Article
TSP Talk - Back to back rallies into today's CPI inflation data
Replies
0
Views
538
tsptalk
tsptalk
tsptalk
  • Article Article
TSP Talk - The jobs report was great, or was it - and does it matter?
Replies
0
Views
293
tsptalk
tsptalk
tsptalk
  • Article Article
TSP Talk - The goldilocks data sends stocks higher yet again
Replies
0
Views
1K
tsptalk
tsptalk
tsptalk
  • Article Article
TSP Talk - Stocks open strong, drift lower into Pricing Data
Replies
0
Views
3K
tsptalk
tsptalk
Back
Top