Latest in OPM data breach
With data breach incidents on the rise, federal courts are grappling with the issue of standing in class action lawsuits arising from data breaches.
The Office of Personnel Management (“OPM”) data breach involves the greatest theft of sensitive personnel data in history. But, to date, neither the scope nor scale of the breach, nor its significance, nor the inadequate and even self-defeating response has been fully aired.
I expected to hear from OPM after the data breach because it directed at least two of my background checks for security clearances while I was in government. Many acquaintances received notices. But I got nothing. Then just before Christmas my wife received a letter from OPM informing her that her personal information, including Social Security number, had been stolen, and offering her the standard “comprehensive suite of data theft protection and monitoring services.” There was one catch, however.
Two weeks ago the newspapers were filled with leaked threats that the U.S. government was “developing a package of unprecedented economic sanctions against Chinese companies and individuals who have benefited from their government’s cyber theft of valuable U.S.
By now, everyone knows about the OPM hack and the fact that the private and sensitive information compromised may make employees of the U.S. government—especially those with security clearances—more subject to blackmail, bribery, or extortion and more vulnerable to more realistic phishing attacks. But there’s one more aspect that needs airing.