Recent reports are suggesting that the data breach of the TSP that left the personal information of approximately 123,000 federal employees exposed may go deeper than it would seem on the surface.
The Federal Retirement Thrift Investment Board (FRTIB) said that there is no evidence to suggest that the hackers responsible for the breach were misusing or disclosing the data to other parties.
However, Nextgov Senior Correspondent Aliya Sternstein reports in a recent article that there is evidence to suggest that another country might be building a database of US government employees.
Sternstein quoted cybersecurity analyst James Lewis, who advises Congress and the Obama administration, who said he has the impression that, “At least one smart country is building a data base on [U.S. government] employees, using things like TSP and social networks” and said also, “It’s hard to believe they [the perpetrators] didn’t go after any money.”
Sternstein also noted that the full extent of the data breach may not be known for a while because if the data were to be sold on the black market, it could potentially take months for the information to work its way through the system.
The Federal Times reported that Senator Susan Collins (R-ME) asked the FBI and the FRTIB why it took them so long to report the breach. Many FedSmith.com users who are TSP participants wanted to know the same thing.
According to the Federal Times article, FRTIB external affairs director Kim Weaver said that at first, the data were unreadable and it took some time to decipher them and detect a breach. The FRTIB also wanted to be sure it knew exactly who was affected so it could inform just those individuals rather than prematurely and needlessly frightening every TSP participant.
As more information becomes available we will continue to keep you updated.