We're celebrating 10 Days of Membership! Today's Gift: $20 off your professional membership with promo 10DAYS20OFF
Training, policies and tools to help HR prevent and respond to harassment claims.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Develop your HR competencies and knowledge in-person in 12 U.S. cities or virtually.
#SHRM18 will expand your perspective – on your organization, on your career, and on the way you approach HR. Join us in Chicago June 17-20, 2018
Hack may be more than four times larger than initially suspected, sources say
On June 25, 2015, the U.S. Senate Committee on Homeland Security and Governmental Affairs will hold a public hearing to discuss a massive breach at the federal government’s HR agency, the Office of Personnel Management (OPM).
Officially, OPM isn’t saying how many people were caught up in the data breach. But sources have reportedly told CNN that the data of 18 million people were hacked—including present and former employees and individuals with security clearances, as well as the personnel files of job applicants. Other reports say the hacked information includes the names of the cleared individuals’ contacts with foreign nationals, their families, neighbors, and friends. The number of people affected was initially set at 4 million.
Officials have placed the blame for the attack on China.
During a hearing on June 18, OPM acknowledged that for years it didn’t employ basic security measures to safeguard its computer networks. The massive breach, which occurred in March 2014, was only revealed a few weeks ago.
Since then, Congress has held several hearings on the breach.
Michael Esser, OPM inspector general for audits, told senators that the agency failed to follow practical cybersecurity measures. Not only that, he said those in charge of OPM’s information technology division didn’t have the expertise required to keep data secure.
Esser reportedly told senators the inspector general audited the system and suggested the agency shut down some of its exposed networks, but agency director Katherine Archuleta refused, saying such a closure would hamper the agency’s work.
Lawmakers were outraged.
“You failed utterly and totally,” committee Chairman Jason Chaffetz, R-Utah, said during the hearing. “They recommended it was so bad that you shut it down and you didn't.”
The new hearing, Under Attack: Federal Cybersecurity and the OPM Data Breach, will include the following witnesses: Archuleta; Tony Scott, U.S. chief information officer of OPM; Andy Ozment, assistant secretary, Office of Cybersecurity and Communications of the U.S. Department of Homeland Security; and Patrick E. McFarland, inspector general of OPM.
Aliah D. Wright is an online editor/manager for SHRM. Reach her via Twitter @1SHRMScribe or on Facebook/aliahwrites.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
CA Resources at Your Fingertips
SHRM’s HR Vendor Directory contains over 3,200 companies