KMWorld CRM Media Streaming Media Faulkner Speech Technology Unisphere/DBTA
PRIVACY/COOKIES POLICY
Other ITI Websites
American Library Directory Boardwalk Empire Database Trends and Applications DestinationCRM EContentMag Faulkner Information Services Fulltext Sources Online InfoToday Europe Internet@Schools Intranets Today KMWorld Library Resource Literary Market Place OnlineVideo.net Plexus Publishing Smart Customer Service Speech Technology Streaming Media Streaming Media Europe Streaming Media Producer Unisphere Research



For commercial reprints or PDFs contact David Panara (dpanara@infotoday.com)
Periodicals > Link-Up Digital
Back Forward

When Government Data Isn't Secure
by

Bookmark and Share
Link-Up Digital

The recent breach of government employee databases run by the federal government’s Office of Personnel Management (OPM) brings home the importance of Internet security.

As always happens in situations like these, some people overreact and some underreact. In fairness, the situation at the time of this writing is still playing itself out, so we don’t know with any assurance what the correct response should be.

But it’s safe to say that this isn’t the beginning of World War III fought in cyberspace. It’s also safe to say that this breach shouldn’t be pooh-poohed, business as usual.

What we do know with certainty is that in June 2015 OPM announced that personnel records of millions of former and current government employees had been compromised. Later, prospective government employees who underwent security checks were added.

Data hacked included names, addresses, dates and places of birth, and Social Security numbers—data that can be used by bad guys to steal your identity. It may also have included security-clearance information such as facts about family members, college roommates, foreign contacts, psychological profiles, and even information provided by neighbors.

Currently OPM is notifying people who may have been affected. It’s also offering potentially affected people credit report access, credit monitoring services, and identity theft insurance for 18 months at no cost to them through the company CSID, at csid.com/opm.

OPM has described the incident as “one of the largest” breaches of government data in history. It may be the largest. The breach was noticed by OPM in April, and it may have started in March 2014 or perhaps even earlier.

It’s also unclear who the hackers are. As of this writing, no government agency involved, including the FBI and the Department of Homeland Security, has confirmed anything. But according to media reports, “unnamed government officials” have said based on limited evidence that the hack originated in China. If it did, it’s not clear if it was perpetrated by the Chinese government, by hackers supported by the Chinese government, or by independent hackers looking for financial gain.

OPM had been warned in audit reports about weaknesses in its security, some of which are a result of “legacy,” or old, computer systems still in use. Clearly more resources need to be allocated for security of government databases.

So what should you do right now, whether you’re a government worker or not? These recommendations apply to anyone whose identity may have been compromised or who’s at risk that it may be compromised in the future. One truly scary part is that this applies to every adult in the U.S. One reassuring part is that there are things you can do, such as:

  • Carefully read your monthly credit card, bank, and any other financial statements. Crooks often start with a small theft. Sometimes they continue the same small theft month after month, hoping to fly under the radar. Other times after the small theft they go for the big money. 
  • Regularly check your credit report. The law permits you to obtain for free a report once every 12 months from each of the three major credit reporting agencies—Equifax, Experian, and TransUnion. Go to the central site set up by these agencies for this purpose, AnnualCreditReport.com, or phone 877-322-8228. Make sure no one else has defaulted on a new credit card obtained in your name, which would indicate identity theft. You can order credit reports from all three agencies at once. But it’s better to spread this out by ordering a report from each agency every four months. 


Regarding the current breach, if the Chinese government was involved, it may have stepped over the line by putting individuals at risk. But, in general, there should be no doubt that the Chinese government, the Russian government, the U.S. government, and other governments are using the Internet, and any weaknesses they can find in security protections taken by governments of their adversaries, to spy.

Information gathering—espionage—is nothing new, of course. In recent years, it, like much else in modern life, has moved in part online. We, as Americans, just need to do a better job of protecting our data than we have.

The latest information about the OPM data security breach can be found at opm.gov/cybersecurity. The Federal Trade Commission has good general information about identity theft, protecting yourself from it as well as recovering from it, at identitytheft.gov and consumer.ftc.gov


Reid Goldsborough is a syndicated columnist and author of the book Straight Talk About the Information Superhighway. He can be reached at reidgoldsborough@gmail.com or reidgold.com.


       Back to top