Fedweek

While OPM has provided more details regarding the computer theft of federal employees’ personal information in security clearance files, specific notices to those affected and services to them are at least several weeks away. As was expected, the breach of those files turned out to be far more serious than the earlier-reported breach of federal employment records. While the personnel data breach involves some 4.2 million current and former employees of about the last 30 years and affects basic personal and career information, the clearance files breach involves far more extensive and more sensitive information on some 21.5 million people. That number consists of some 19.7 million individuals (including federal, contractor and military personnel) on whom background investigations were performed for new or renewed security clearances since about 2000 and in some cases before, and 1.8 million spouses or co-habitants of applicants who were identified on those forms. About 3.6 million of those affected by the personnel file breach also were affected by the clearance file breach, bringing the total of those affected by one or both to over 22 million. In terms of information, the clearance file breach went beyond the highly personal information on issues such as financial troubles and alcohol and drug use that applicants have to disclose themselves, which has been generally suspected for weeks of having been compromised. The stolen information also includes, at least for some, fingerprints; information turned up during background investigations; and user names and passwords used when filling out the applications. While officials have said that individuals should assume that such information has been stolen, they have not made clear whether those files might have been altered. In a bit of positive news, they said there is no evidence that separate systems that store information regarding the health, payroll and retirement records of federal personnel were impacted. That wasn’t enough to save the job of OPM director Katherine Archuleta, however, who resigned under increased pressure following disclosure of those details. She has been replaced on an interim basis by Beth Cobert, deputy director for management of OMB.