Posted: 1:36 am  PDT
[twitter-follow screen_name=’Diplopundit’ ]

Excerpt via opm.gov:

OPM announced the results of the interagency forensic investigation into the second incident.  As previously announced, in late-May 2015, as a result of ongoing efforts to secure its systems, OPM discovered an incident affecting background investigation records of current, former, and prospective Federal employees and contractors.  Following the conclusion of the forensics investigation, OPM has determined that the types of information in these records include identification details such as Social Security Numbers; residency and educational history; employment history; information about immediate family and other personal and business acquaintances; health, criminal and financial history; and other details.  Some records also include findings from interviews conducted by background investigators and fingerprints.  Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.

While background investigation records do contain some information regarding mental health and financial history provided by those that have applied for a security clearance and by individuals contacted during the background investigation, there is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).

This incident is separate but related to a previous incident, discovered in April 2015, affecting personnel data for current and former Federal employees.  OPM and its interagency partners concluded with a high degree of confidence that personnel data for 4.2 million individuals had been stolen.  This number has not changed since it was announced by OPM in early June, and OPM has worked to notify all of these individuals and ensure that they are provided with the appropriate support and tools to protect their personal information.

Analysis of background investigation incident.  Since learning of the incident affecting background investigation records, OPM and the interagency incident response team have moved swiftly and thoroughly to assess the breach, analyze what data may have been stolen, and identify those individuals who may be affected.  The team has now concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases.  This includes 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, predominantly spouses or co-habitants of applicants.  As noted above, some records also include findings from interviews conducted by background investigators and approximately 1.1 million include fingerprints.  There is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems.

If an individual underwent a background investigation through OPM in 2000 or afterwards (which occurs through the submission of forms SF 86, SF 85, or SF 85P for a new investigation or periodic reinvestigation), it is highly likely that the individual is impacted by this cyber breach. If an individual underwent a background investigation prior to 2000, that individual still may be impacted, but it is less likely.

So, are we supposed to wait for another credit monitoring offer from OPM’s partners for this BI hack, after already being offered credit monitoring for the personnel data compromised in an earlier breach?

Yes. Wonderful.

Ms. Archuleta should do the right thing and resign.

Part of OPM’s public response to these breaches has been to protect the director’s record at the agency.  While she remains in charge, I suspect that the fixes at OPM will also include shielding the director from further damage. News reports already talk about OPM’s push back. Next thing you know we’ll have “setting the record straight” newsbots all over the place.

While it is true that Ms. Archuleta arrived at OPM with legacy systems still in operation, these breaches happened under her watch. Despite her protestation that no one is personally responsible (except the hackers), she is the highest accountable official at OPM.  Part and parcel of being in a leadership position is to own up to the disasters under your wings.  Ms. Archuleta should resign and give somebody else a chance to lead the fixes at OPM.

.

Oh, joy. #OPM https://t.co/tSpxwnttyV pic.twitter.com/KB4xiCkYP9

— Dave (@empiricalerror) July 9, 2015

.

#OPM hackers got ‘about 1.1 million include #fingerprints,’ WaPo’s .@nakashimae reports. http://t.co/3FkGrHgN0b — Jeff Stein (@SpyTalker) July 9, 2015

.

#OPM Director says she should be “applauded.” That attitude is nauseating, ignorant and offensive. #OPMHack http://t.co/entEjJjPrx

— Ted Lieu (@tedlieu) July 9, 2015

.

If #Obama took #China‘s #OPM hack seriously, he’d start by firing head of OPM on behalf of 21 million victims http://t.co/dJPINW3jSo — james gibney (@jamesgibney) July 9, 2015

.

Call it a “data rupture”: Hack hitting OPM affects 21.5 million http://t.co/GbJdY4U9Nd by @dangoodin001 — Ars Technica (@arstechnica) July 9, 2015

.

The stolen #OPMHack info includes 1.1 million Fingerprints (of security clearance applicants) http://t.co/aghibIYoxu What a database!

— Peter W. Singer (@peterwsinger) July 9, 2015

.

Changing #FedIT culture after OPM breach http://t.co/zUhAmuf6Ka @Safegov‘s @jeffmgould explains why orgs need to be held accountable

— 11mark (@11markagency) July 9, 2015

#