OPM's Hack Job on Security
A one-size-fits-all approach to credit monitoring isn't good enough.
Earlier this year, the Office of Personnel Management (OPM) discovered malicious cyber theft of background investigation records of current, former and prospective federal employees. Sensitive information was stolen, including the Social Security numbers of 21.5 million individuals. In a letter to those affected, OPM seems to have taken a one-size-fits-all approach that does not account for obvious disparities in the potential impact and threat among those whose data was stolen. From what we have learned thus far, the entry-level janitor at DHS is given the same level of “protection” as the Seal Team 6 operator, the nuclear submarine commander or the Jet Propulsion Laboratory rocket scientist whose personal data may have been compromised. “Fairness” and expediency trump common sense as the administration attempts to sweep under the rug this massive and unprecedented breach of security.
It doesn’t take that JPL rocket scientist to realize that our “adversary” (the politically correct term being used to describe the Red Chinese military hackers involved) will certainly prioritize the stolen data to identify high-value targets. The threat spectrum involved could run from targeted assassination in the worst case to blackmail, covert spying recruitment and military or economic espionage. Identity theft is one of the least damaging possibilities to anyone thinking big-picture national security.
To simply place all 21 million of the affected individuals in one group and provide them three years of credit monitoring and identity theft insurance is nice, but it’s also the height of insult and, frankly, stupid. Such boneheaded lack of vision and forethought is what brought us such a debacle in the first place. Even worse — those responsible for preventing this nightmare are still safely ensconced at OPM, a bureaucratic haven of incompetence if ever there was one. Not a single person has been fired, demoted or jailed for this incredible breach of our security, though Katherine Archuleta did step down as OPM director. Finally, we are not at all surprised to see that OPM used the disaster to ask Congress for more money.