When most people think about identity theft, they think about their own personal identifying information being stolen by thieves who will their ill-begotten information for nefarious purposes. Most people think about identify theft of just a single person, but identity theft goes beyond that. Individuals are often targeted by thieves, certainly, but so are businesses and even governments.
Last spring, the United States government faced the largest successful government hack in history when the Office of Personnel Management (OPM) was hacked by cyber thieves. OPM is the central hub where all of the personal identifying information of every former and current federal government employee and even some prospective hires’ personal information is stored. It was discovered that the personal identifying information, security clearance credentials, and other confidential information of more than four million current and former federal workers had been stolen.
The revelations shook the country, as we realized that our government needs to do a better job of protecting itself from cyber attacks. People in management were fired and replaced, systems have been getting upgrades and cybersecurity has been enhanced.
The Cyberattack on OPM
The hackers gained access to the OPM government systems by using a common hacking technique of using the login credentials of a third party who had access to the systems in order to break in. Specifically, hackers obtained the login credentials of an employee who worked for KeyPoint Government Solutions. KeyPoint was a third-party contractor hired to complete background investigations for government positions. These credentials gave the hackers access to all of OPM’s networks and information, including the personal identifying information of millions of federal workers.
According to the Washington Examiner, KeyPoint was reported to be a very weak link in the cybersecurity of the OPM systems. KeyPoint failed to keep logs for user logins, and is unable to determine how it was compromised during the attack.
With the kind of information that was obtained about federal employees from the OPM hack, there is speculation that it can be used to commit complicated forms of fraud through identity theft. However, it is unlikely that any of the information that was stolen will be used any time soon, especially after the government announced that it was providing all affected individuals with three years of identity protection monitoring services.
But hackers are patient and calculating individuals, and it is likely that this stolen identity information will simply remain unused for several years. There is the distinct possibility that the hackers will wait until people have forgotten about the OPM hack and the identity protection services that were provided to affected federal workers has expired before trying to make use of the stolen information.
Contact An Identity Theft Protection Lawyer
If you have reason to believe that your identity has been stolen, it is critical that you get into contact with an experienced identity theft protection lawyer as soon as possible so that the harm to you can be mitigated and protections can be put into place. Contact the professionals at the Bromberg Law Office, P.C. to schedule an appointment.