The Office of Personnel Management is sending out notices to individual federal workers impacted by the recent security breach on their computer networks.
Federal News Radio obtained a copy of the letter that is being sent out. This excerpt from the letter jumps right off the page:
Nothing in this letter should be construed as OPM or the U.S. Government accepting liability for any of the matters covered by this letter or for any other purpose. Any alleged issues of liability concerning OPM or the United States for the matters covered by this letter or for any other purpose are determined solely in conformance with appropriate Federal law.
The letter then adds:
We regret this incident. Please be assured that OPM remains deeply committed to protecting the privacy and security of information and has taken appropriate steps to respond to this intrusion. The incident was uncovered as a result of OPM’s aggressive effort to update its cybersecurity posture over the past year, including the addition of numerous tools and capabilities to its networks that both help detect and deter a cyberattack.
So, as the letter notes, “OPM’s aggressive effort to update its cybersecurity posture” was designed to deter a cyberattack just like the one that was reported last week.
The letter does include useful information, such as what the free protection being offered through CSID will cover for the impacted individuals. It also states that the individual is receiving the letter because his/her personal information such as Social Security number, date and place of birth, and current or former address was compromised and that next time the individual logs into the OPM systems s/he may have to change his/her password.
The letter is signed by Donna Seymour, OPM’s Chief Information Officer.