Privacy Concerns

U.S. Has Yet to Notify 21.5 Million Data Breach Victims

U.S. Has Yet to Notify 21.5 Million Data Breach Victims
Image credit: Shutterstock
2 min read
This story originally appeared on Reuters

Two months after discovering that sensitive personal information on 21.5 million Americans was compromised in a hack of government databanks, none of those affected has been officially notified, government officials said on Tuesday.

The officials from multiple agencies, who are familiar with an investigation into the breach, said the Office of Personnel Management (OPM), which oversaw the data, is working with other agencies to set up a system to inform the victims.

One official at OPM, who declined to be identified, said that because of the complicated nature of the data and the fact that government employees and contractors often move among different agencies, it would be weeks before a mechanism was in place.

The official said the government was trying to establish a centralized system rather than leave the notification to separate agencies. OPM is expected to hire an outside contractor but has not yet sought bids for the work.

The head of the OPM, Katherine Archuleta, resigned last Friday after coming under heavy fire in Congress over the security breach, which was disclosed in May, and an earlier OPM hacking that was made known in April. Government officials suspect Chinese hackers were responsible.

Almost all the 4.2 million people exposed in the earlier breach, which affected only basic job application data, have been notified, a U.S. official said. They have been invited to enroll in an identity protection program.

The much larger breach discovered in May and made public last week involved much more sensitive personal information OPM gathered for security clearances investigations of current, former and prospective federal employees and contractors.

They included 19.7 million contractors and employees who applied for security clearances, and 1.8 million "non applicants" whose personal data was included in security clearance applications, such as spouses.

OPM has said that anyone who underwent a security clearance background investigation through OPM in 2000 or afterwards is likely affected by the latest data breach.

There is some overlap among the individuals whose data was compromised in the two breaches.

(Reporting by Mark Hosenball in Washington; Editing by Lisa Shumaker)

More from Entrepreneur

Kathleen, Founder and CEO of Grayce & Co, a media and marketing consultancy, can help you develop a brand strategy, build marketing campaigns and learn how to balance work and life.
Book Your Session

In as little as seven months, the Entrepreneur Authors program will turn your ideas and expertise into a professionally presented book.
Apply Now

Are paying too much for business insurance? Do you have critical gaps in your coverage? Trust Entrepreneur to help you find out.
Get Your Quote Now

Latest on Entrepreneur

My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.