In a letter to Office of Personnel Management Director Katherine Archuleta, J. David Cox, Sr., the president of the American Federation of Government Employees, said that AFGE believes that hackers are now in possession of all personnel data on every federal employee.
Cox sent the letter to OPM today and the union is basing its conclusion on information that OPM has released. Additionally, Cox said that he believes that the Social Security numbers that were compromised were not encrypted, something he called “absolutely indefensible and outrageous.”
Cox also said that the 18 months of identity theft protection being supplied by a private contractor is not adequate and that OPM should be providing free lifetime ID theft protection.
A copy of Cox’s letter is included below.
The National Active and Retired Federal Employees Association (NARFE) responded to AFGE’s allegations, saying they believed the situation to be overstated by the union. NARFE president Richard G. Thissen said:
NARFE has asked OPM to directly respond to AFGE’s claims. However, at this point, we believe AFGE’s assessment of the breach is overstated. OPM commented to a Washington, DC, news station that it continues to believe 4.2 million individuals are affected. Additionally, OPM does not keep congressional or military employment data.
We are also asking OPM to provide additional information on those 4.2 million individuals and what personal information was exposed. NARFE feels the federal community is entitled to know the extent of the breach in order for federal employees, former employees and retirees to take the proper precautions to protect themselves.
AFGE’s allegations come on the heels of other news that came out today which said that the true extent of the breach of OPM’s computer system is probably far worse than has been reported by the government.
Sources cited by ABC News said that said that Chinese hackers were believed to have been roaming about government databases undetected for more than a year before it was discovered this spring. The sources said that hackers gained initial access to OPM’s system more than a year ago and from there four different segments of the agency’s systems, at least one of which contained forms filled out by federal employees seeking security clearances.
OPM has said that the names of family members of federal workers were not among the data compromised, however, the ABC News report also said that US officials are saying that information such as this was put in jeopardy in the security breach.
It appears that the full extent of what was compromised in the breach may not be known for some time, but we will continue to keep our users apprised of new developments.