OPM Bungled Response to Massive Data Hack
Somebody might want to give Tim Cook a call.
An audit by the Office of Personnel Management’s Office of Inspector General found that the agency whose job is to secure the personal data of all federal employees past, present and potential future has still not recovered from the hack in June. The cyber intrusion, probably done by the Chinese military, netted sensitive data from about 21 million of federal employees, and still, months later, OPM is working on notifying every employee the status on their data. But hey, it’s about 93% done, with 1.5 million employees left. The Inspector General also found that the agency has not yet fully investigated all their servers for intrusion, nor has it beefed its cyber security to the extent that it meet requirements. Furthermore, the office didn’t get its own IT department until a year before the hack was discovered. For the sake of the member of Seal Team 6 to the janitor scrubbing the U.S. Capitol’s toilets, OPM must radically change its approach towards cybersecurity. If not, then perhaps lawmakers should consider outsourcing the task to an American company with a track record better than that of OPM — take your pick from Silicon Valley. As a parting thought, think of all that money the agency will spend on credit monitoring for every single federal employee affected by the data breach. Anyone want to venture a guess into how many IT professionals OPM could have hired for the amount?