Clearance Files Breach Notices Start Going Out

OPM has started sending notices to some 3.6 million current and former federal employees whose security clearance application files were hacked. That group is among the affected 19.7 million persons whose personal information from applications for new or renewed clearances since 2000 was stolen, along with less sensitive information on another 1.8 million people who were named as close personal contacts in those forms. The notices related to the clearance breach will include specifics including whether a person’s fingerprints were stolen—which happened in about a quarter of the cases—plus a personal identification number for signing up for credit monitoring and identity monitoring services. Those would be in addition to identity restoration services and up to $1 million in identity theft insurance already in effect automatically for affected persons, with no need to sign up. The notices are being sent by regular mail from a government return address—unlike the earlier notices related to the separate breach of personnel files, which were sent out mainly by email from the company providing the services—causing many recipients to wonder if the notices themselves were a form of attempted identity theft. OPM says that neither it nor the contractor, ID Experts, will contact individuals to confirm any personal information. “If you are contacted by anyone asking for your personal information in relation to this incident, do not provide it,” it said.