Attention Focused on Data Theft Response Contract

There have been relatively few developments regarding the twin thefts of federal employee personnel and security clearance files over the last week, with the main point of focus being on an upcoming contract to provide services to those affected by the latter breach. While work preliminary to issuing that contract–which is to be handled by the Navy, not by OPM–is continuing and bids could be submitted as soon as next week. The contract is to provide credit monitoring and similar identity theft protections for three years for some 3.6 million current and former federal employees and also for some 17 million contractor and military personnel who applied for clearances or had them renewed over the last 15 years or who were named as associates in those applications. Current planning is that the contract will be awarded in late August. Notices would start going out within several weeks of that and the services would start up at the same time. However, notifications likely would be spread over a number of months because the government would not have current contact information on many of those affected–primarily those who worked for contractors, not directly as federal employees. One concern is whether the company chosen might be swamped in the early stages of the response, as was the contractor providing similar notice and services to those affected by the personnel files breach. That breach affected a much smaller number, about 4.2 million current and former federal employees; the scope of the upcoming effort will have to be much larger. More than a fifth of those affected have signed up for the optional services–some are automatic–under that contract.