Not a Member? Get access to HR news and resources that you can trust.
Here is how HR can help prevent the missteps that could cost your company big in court.
Is your employee handbook ready for the changing world of work? With SHRM’s Employee Handbook Builder get peace of mind that your handbook is up-to-date.
Get the HR education you need without travel expenses or time out of the office.
Expand your influence and learn how to become an effective leader -- Join us in Phoenix, AZ, October 2-4, 2017.
Hack may be more than four times larger than initially suspected, sources say
On June 25, 2015, the U.S. Senate Committee on Homeland Security and Governmental Affairs will hold a public hearing to discuss a massive breach at the federal government’s HR agency, the Office of Personnel Management (OPM).
Officially, OPM isn’t saying how many people were caught up in the data breach. But sources have reportedly told CNN that the data of 18 million people were hacked—including present and former employees and individuals with security clearances, as well as the personnel files of job applicants. Other reports say the hacked information includes the names of the cleared individuals’ contacts with foreign nationals, their families, neighbors, and friends. The number of people affected was initially set at 4 million.
Officials have placed the blame for the attack on China.
During a hearing on June 18, OPM acknowledged that for years it didn’t employ basic security measures to safeguard its computer networks. The massive breach, which occurred in March 2014, was only revealed a few weeks ago.
Since then, Congress has held several hearings on the breach.
Michael Esser, OPM inspector general for audits, told senators that the agency failed to follow practical cybersecurity measures. Not only that, he said those in charge of OPM’s information technology division didn’t have the expertise required to keep data secure.
Esser reportedly told senators the inspector general audited the system and suggested the agency shut down some of its exposed networks, but agency director Katherine Archuleta refused, saying such a closure would hamper the agency’s work.
Lawmakers were outraged.
“You failed utterly and totally,” committee Chairman Jason Chaffetz, R-Utah, said during the hearing. “They recommended it was so bad that you shut it down and you didn't.”
The new hearing, Under Attack: Federal Cybersecurity and the OPM Data Breach, will include the following witnesses: Archuleta; Tony Scott, U.S. chief information officer of OPM; Andy Ozment, assistant secretary, Office of Cybersecurity and Communications of the U.S. Department of Homeland Security; and Patrick E. McFarland, inspector general of OPM.
Aliah D. Wright is an online editor/manager for SHRM. Reach her via Twitter @1SHRMScribe or on Facebook/aliahwrites.
You have successfully saved this page as a bookmark.
Please confirm that you want to proceed with deleting bookmark.
You have successfully removed bookmark.
Please log in as a SHRM member before saving bookmarks.
Your session has expired. Please log in again before saving bookmarks.
Please purchase a SHRM membership before saving bookmarks.
An error has occurred
Recommended for you
Choose from dozens of free webcasts on the most timely HR topics.
SHRM’s HR Vendor Directory contains over 3,200 companies