Get access to the exclusive HR Resources you need to succeed in 2018.
Sign up for free email newsletters and get more SHRM content delivered to your inbox.
Is your employee handbook keeping up with the changing world of work? With SHRM's Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Build competencies, establish credibility and advance your career—while earning PDCs—at SHRM Seminars in 14 cities across the U.S. this fall.
Gain the skills you need to rise to the next level in your career. Jon us at SHRM's Leadership Development Forum, October 2-3 in Boston.
Hack may be more than four times larger than initially suspected, sources say
Members may download one copy of our sample forms and templates for your personal use within your organization. Please note that all such forms and policies should be reviewed by your legal counsel for compliance with applicable law, and should be modified to suit your organization’s culture, industry, and practices. Neither members nor non-members may reproduce such samples in any other way (e.g., to republish in a book or use for a commercial purpose) without SHRM’s permission. To request permission for specific items, click on the “reuse permissions” button on the page where you find the item.
On June 25, 2015, the U.S. Senate Committee on Homeland Security and Governmental Affairs will hold a public hearing to discuss a massive breach at the federal government’s HR agency, the Office of Personnel Management (OPM).
Officially, OPM isn’t saying how many people were caught up in the data breach. But sources have reportedly told CNN that the data of 18 million people were hacked—including present and former employees and individuals with security clearances, as well as the personnel files of job applicants. Other reports say the hacked information includes the names of the cleared individuals’ contacts with foreign nationals, their families, neighbors, and friends. The number of people affected was initially set at 4 million.
Officials have placed the blame for the attack on China.
During a hearing on June 18, OPM acknowledged that for years it didn’t employ basic security measures to safeguard its computer networks. The massive breach, which occurred in March 2014, was only revealed a few weeks ago.
Since then, Congress has held several hearings on the breach.
Michael Esser, OPM inspector general for audits, told senators that the agency failed to follow practical cybersecurity measures. Not only that, he said those in charge of OPM’s information technology division didn’t have the expertise required to keep data secure.
Esser reportedly told senators the inspector general audited the system and suggested the agency shut down some of its exposed networks, but agency director Katherine Archuleta refused, saying such a closure would hamper the agency’s work.
Lawmakers were outraged.
“You failed utterly and totally,” committee Chairman Jason Chaffetz, R-Utah, said during the hearing. “They recommended it was so bad that you shut it down and you didn't.”
The new hearing, Under Attack: Federal Cybersecurity and the OPM Data Breach, will include the following witnesses: Archuleta; Tony Scott, U.S. chief information officer of OPM; Andy Ozment, assistant secretary, Office of Cybersecurity and Communications of the U.S. Department of Homeland Security; and Patrick E. McFarland, inspector general of OPM.
Aliah D. Wright is an online editor/manager for SHRM. Reach her via Twitter @1SHRMScribe or on Facebook/aliahwrites.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Please sign in as a SHRM member before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
HR Education in a City Near You
SHRM’s HR Vendor Directory contains over 10,000 companies