Awaiting your Office of Personnel Management (OPM) breach notification? Several cleared candidates report they’ve begun receiving the notifications OPM promised to roll out at the beginning of October. With nearly 20 million breached individuals to notify, don’t expect a college admissions-sized envelope – OPM is looking to save on paper. The thin note gets straight to the details – offering a link to sign up for up to three years of credit monitoring and resolution services, along with a unique pin number that can be used to do so.
OPM has learned a few things from the federal personnel files breach notification, a process met with a lot of criticism and many skeptical employees refusing to sign up. The OPM letter first directs individuals to a .gov website – a criticism from the first breach included many candidates asking why they were immediately directed to a commercial web site. But for the .com averse, the reassurance is only temporary. OPM contracted with the ID Experts to handle identity monitoring services, so you’ll still need to visit that third party website and enter your personal details in order to be eligible for the free support.
Notification letters do not specify between clearance holders, applicants, or spouses or cohabitants whose names, social security numbers and addresses may have been breached. OPM has stated that the approximately six million individuals whose fingerprints were compromised will receive a separate notification.
The OPM letter emphasizes that it will not be calling individuals.
“Please note that OPM and ID Experts will not contact you to confirm any personal information. If you are contacted by anyone asking for your personal information in relation to this incident, do not provide it.”
The OPM hack was announced just over four months ago. In the months since, many clearance holders have been asking what they can do to protect their personal information post-breach. Cybersecurity experts urge that once the data cat is out of the bag – and in this case, it is clearly out – there’s really not much affected persons can do other than wait, watch, and sign up for trustworthy credit monitoring services.
“For those who were affected by the OPM breach there is now a third truth in life; you are born, you’ll die and your data could be breached,” said cyber security expert Ondrej Krehel, founder and managing director LIFARS, in a recent interview with a ClearanceJobs.com contributor. “If you do not take your medication – which in this case is constant monitoring – it may get worse. So for the rest of your life you need to take that medication and keep the protection mechanisms in place to stay cyber healthy.”
For more information on signing up for credit monitoring services, see our article, “Should Clearance Holders Affected by the OPM Breach Sign Up for Credit Monitoring?”
It is up to the individual clearance holder whether or not they sign up for the free credit monitoring services offered, but experts strongly agree they should sign up for something. And if you have the choice between a free service, or paying for your own, the free option might just be the winning one.