A reader notified FedSmith.com yesterday that there has been a problem with a portion of the website run by the Office of Personnel Management (OPM). The affected portion of the website was apparently Retirement and Information Services Online.
This site is where many retirees go to obtain information about their annuity information, tax information, etc. The services available through the website include:
- Change your Federal and State Income Tax Withholding
- Change your Mailing Address
- Change your Password
- Establish an Allotment to an Organization
- Request Duplicate Annuity Booklet
- Set up a Checking or Savings Allotment
- Sign up for Direct Deposit of your Payment
- Update your Email Address/Opt-in to Receive Information Electronically
- View/Print Annuity Statement/Verification of Income
- View/Print 1099-R Tax Forms
- View/Print Retirement Services Reference
Card (ID Card) - View/Print Verification of Life Insurance (FEGLI)
- View the Status of your Case while in Interim Pay
This portion of the website requires a claim number and a password to enter. The FedSmith reader noted: “I am retired. Put my case number and password in. I got someone else’s account. Three times! I called and after 40 minutes, got someone. He acted very nervous clearing his throat at each question I had. I looked up and called the annuitant to advise him that his info was available to me. He had the same problem and got the info to someone else. He and I both fear OPM has been hacked.”
OPM subsequently closed off the portion of the website used by federal retirees on Monday (January 12, 2015) after it became aware of the problem that exposed user accounts to unauthorized access.
According to an OPM representative: “We have reviewed the situation, made adjustments and have reopened the website for use. We are reviewing the data from the short period of time it was opened yesterday (Monday, 1/12/15), to determine what, if any data, may have been exposed erroneously. We will contact those annuitants who we know or we believe may have had their information exposed. We will provide them information about what transpired and provide further info as appropriate regarding other services (credit monitoring, Etc.). At this point, we believe the impact to be very minimal.”
The website is up and running again with no apparent problems as we were not able to duplicate the problem experienced by the FedSmith readers yesterday.