OPM Hit By Class Action Lawsuit, and Those Phishing Scams You Feared Over #OPMHack Are Real (Corrected)

June 30, 2015 By domani spero in Contractors, Court Cases, Disasters, Federal Agencies, Huh? News, Scams, Security, Social Media, State Department, Technology and Work, Trends Tags: AFGE, American Federation of Government Employees, “phishing” attacks, class action lawsuit, CSID, data breach, Donna Seymour, Katherine Archuleta, Keypoint Government Solutions, OPM, OPM hack, US-CERT

Posted: 7:16 pm EDT
[twitter-follow screen_name=’Diplopundit’ ]

The largest federal employee union, the American Federation of Government Employees, filed a class action lawsuit today against the Office of Personnel Management, its director, Katherine Archuleta, its chief information officer, Donna Seymour and Keypoint Government Solutions, an OPM contractor.
.

AFGE Files Class Action Lawsuit against OPM over Data Breach–> https://t.co/iybU0aYl38 pic.twitter.com/uqVK0Nf0Ip

— AFGE (@AFGENational) June 30, 2015

OPM hit by class-action suit over breach of federal employee data http://t.co/Y5v3ruaUfq via @CIOonline

— Diplopundit (@Diplopundit) June 30, 2015

.
A couple of weeks ago, we thought that the “recipe” from the OPM email notification sent to potentially affected employees via email might be copied by online scammers.

After OPM hack, US triggered ‘phishing’ fears with notification emails to federal employees: http://t.co/0S5CIi9gVj

— Stars and Stripes (@starsandstripes) June 26, 2015

Today, the United States Computer Emergency Readiness Team (US-CERT), part of part of DHS’ National Cybersecurity and Communications Integration Center (NCCIC) issued an alert on phishing campaigns masquerading as emails from the Office of Personnel Management (OPM) or the identity protection firm CSID.

OPM Identity-Protection Phishing Campaigns: Original release date: June 30, 2015US-CERT is aware of phishing c… http://t.co/gYMyoAUkLY

— US-CERT (@USCERT_gov) June 30, 2015

Senators Perdue and Kaine Sponsor Improving Department of State Oversight Act of 2015

June 30, 2015 By domani spero in Congress, Diplomatic Security, Foreign Service, Oversight, Senators, State Department, Technology and Work Tags: Bureau of Diplomatic Security, S.1527 - Improving Department of State Oversight Act of 2015, Sen. David Perdue [R-GA], Sen. Tim Kaine [D-VA], SFRC, SIGIR, State/OIG 1 Comment

Posted: 12:27 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

Last month, Sen. Perdue, David [R-GA] and Sen. Kaine, Tim [D-VA] introduced S.1527 – Improving Department of State Oversight Act of 2015. Read the full text of the bill here. Here is a summary via CRS:

This bill grants competitive status for appointment to a position in the competitive service for which the employee is qualified to any employee of the Special Inspector General for Iraq Reconstruction (SIGIR) who was not terminated for cause, and who completes at least 12 months of service at any time before the termination of the SIGIR on October 5, 2013.

The Secretary of State shall certify to Congress that the Department of State has made reasonable efforts to ensure the integrity and independence of the Office of the Inspector General Information Technology systems.

Each Department entity under the Foreign Service Act of 1980 shall report within five business days to the Inspector General (IG) any allegations of:

program waste, fraud, or abuse;
criminal or serious misconduct on the part of a Department employee at the FS-1, GS-15, GM-15 level or higher;
criminal misconduct on the part of any Department employee; and
serious, noncriminal misconduct on the part of any individual who is authorized to carry a weapon, make arrests, or conduct searches (such as conduct that would constitute perjury or material dishonesty, warrant suspension as discipline for a first offense, or result in loss of law enforcement authority).

The IG may investigate such matters.

No Department entity with concurrent jurisdiction over such matters, including the Bureau of Diplomatic Security, may initiate an investigation without first reporting the allegations to the IG.

A Department entity that initiates an investigation of such a matter must fully cooperate with the IG, unless the IG authorizes an exception.

Temporary relaxation of such restrictions may occur in exigent circumstances.

This bill was referred to the Senate Committee on Foreign Relations which will consider it before sending it to the Senate floor for consideration. According to govtrack.us, there are 5,343 bills and resolutions currently before the United States Congress. Of those, only about 5% will become law. They must be enacted before the end of the 2015-2017 session (the “114th Congress”).

US Embassy Bangkok: Local Staff Try American Treats for Independence Day!

June 30, 2015 By domani spero in Foreign Service, FSOs, Holidays and Celebrations, Locally Employed Staff, U.S. Missions Tags: American Treats, Fourth of July, Independence Day, July 4th, Thailand, US Embassy Bangkok

–Posted: 12:23 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

Via US Embassy Bangkok/YouTube:

#

OPM Announces Temporary Suspension of the E-QIP System For Background Investigation

June 30, 2015 By domani spero in Career Employees, Federal Agencies, Foreign Service, Huh? News, Obama, Security, Spectacular, State Department, Technology and Work, Trends Tags: AFSA, background investigation, data breach, E-QIP System, federal employees, Katherine Archuleta, OPM, OPM hack, SF-86

Posted: 12:19 am EDT
[twitter-follow screen_name=’Diplopundit’ ]

On June 29, OPM announced the temporary suspension of the online system used to submit background investigation forms. The system could be offline from 4-6 weeks. Below via opm.gov:

WASHINGTON, D.C. – The U.S. Office of Personnel Management today announced the temporary suspension of the E-QIP system, a web-based platform used to complete and submit background investigation forms.

Director Katherine Archuleta recently ordered a comprehensive review of the security of OPM’s IT systems. During this ongoing review, OPM and its interagency partners identified a vulnerability in the e-QIP system. As a result, OPM has temporarily taken the E-QIP system offline for security enhancements. The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited. Rather, OPM is taking this step proactively, as a result of its comprehensive security assessment, to ensure the ongoing security of its network.

OPM expects e-QIP could be offline for four to six weeks while these security enhancements are implemented. OPM recognizes and regrets the impact on both users and agencies and is committed to resuming this service as soon as it is safe to do so. In the interim, OPM remains committed to working with its interagency partners on alternative approaches to address agencies’ requirements.

“The security of OPM’s networks remains my top priority as we continue the work outlined in my IT Strategic Plan, including the continuing implementation of modern security controls,” said OPM Director Archuleta. “This proactive, temporary suspension of the e-QIP system will ensure our network is as secure as possible for the sensitive data with which OPM is entrusted.”

Meanwhile, on June 22, AFSA sent a letter to OPM Director Katherine Archuleta with the following requests:

via afsa.org (click for larger view)

On June 25, AFSA is one of the 27 federal-postal employee coalition groups who urge President Obama to “immediately appoint a task force of leading agency, defense/intelligence, and private-sector IT experts, with a short deadline, to assist in the ongoing investigation, apply more forceful measures to protect federal personnel IT systems, and assure adequate notice to the federal workforce and the American public.” (read letter here: AFSA Letter sent in conjunction with the Federal-Postal Coalition |June 25, 2015 | pdf)

Share this:

Share this:

#

Share this:

Share this: