The Justice Department has now said that victims from a recent identity fraud case may not have had their personal data exposed in that case because of the data breaches at the Office of Personnel Management that were announced in 2015.
This new information comes from a letter sent to Senator Mark Warner (D-VA) by Assistant Attorney General Stephen Boyd. Warner was one of two lawmakers who recently inquired as to how the data of current and former federal employees seemingly ended up being used in an identity fraud case involving Langley Federal Credit Union. Warner had said more information needed to be provided to victims of the OPM data breaches as to how their data was being used in this case.
Boyd explained it in his letter to Warner:
A number of the victims of this scheme [the Langley Federal Credit Union case] identified themselves to the Department of Justice as victims of the OPM data breach. However, at present, the investigation has not determined precisely how their identity information used in this case was obtained and whether it can, in fact, be sourced directly to the OPM data breach. Because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another source.
Boyd went on to say that the original press release implied a “premature conclusion” that the source of the stolen identities in the Langley Federal Credit Union case was from the OPM data breaches.
A copy of the letter is included below.