The OPM data hack: relatively speaking:
We now see, unfolding before our very eyes, what will in all likelihood prove to be only the beginning of the fallout from the hacking of the Office of Personnel Management's database of current and former federal employees. Of course, the various agencies are now scrambling to implement measures to control the damage to the individuals affected and to the agencies themselves (not necessarily in that order of priority).
In the catechism of its FAQ page, the OPM asks, "What personal information was compromised?"
The OPM then answers itself:
OPM maintains personnel records for the Federal workforce. The kind of data that may have been compromised in this incident could include name, Social Security Number, date and place of birth, and current and former addresses. It is the type of information you would typically find in a personnel file, such as job assignments, training records, and benefit selection decisions, but NOT the names of family members or beneficiaries and NOT information contained in actual policies. The notifications to potentially affected individuals will state exactly what information may have been compromised.
We thus are assured that for all of the intimate personal data hacked from our personnel files, the information regarding our loved ones remains unaffected.
In such regard, it is noted that the Standard Form 171 Application for Federal Employment includes a questionnaire regarding relatives of the applicant who are already in the federal employ. Indeed, on the various SF-171 forms I submitted during my career as a federal employee, I did specifically list some cousins so situated.
It is further noted that OPM handles the issuance of security clearances to government employees who have a need to know sensitive classified information. The Standard Form 86 Questionnaire for National Security Positions elicits an entire roster of relatives, complete with birth dates, birthplaces, and current addresses. The Lawrence Berkeley National Laboratory has already specifically cautioned that "individuals with clearances and former federal employees should monitor the news" as developments continue to occur.
Not much consolation for the spouses, parents, and children of federal employees who were granted security clearances.
The OPM has announced that "[b]eginning June 8 and continuing through June 19, OPM will be sending notifications to approximately 4 million individuals whose Personally Identifiable Information was potentially compromised in this incident."
One must wonder how the OPM will be able to ascertain the whereabouts and contact information of former federal employees such as myself who have been separated from the federal government for many years now, and who have since relocated. After all, some of the hacked data dates back to 1985.
Perhaps the Chinese hackers might be able to help OPM out.
Kenneth H. Ryesky is an attorney who has been employed by the Internal Revenue Service and by the Department of Defense.