Fedweek

The Justice Department has said that contrary to an earlier announcement by one of its U.S. Attorney’s Office, there is no proof that information stolen from OPM records on current and former federal employees three years ago was used in an identity theft case.

The original announcement from that office that the information had been used to obtain fraudulent personal and vehicle loans through a credit union was cited by some publications as the first evidence of actual misuse of the data. Breaches of two separate databases, one of federal employee personnel records and another on people who had undergone background checks for security clearances or other reasons, involved personal information on more than 20 million persons in all.

In response to a letter to OPM from Sen. Mark Warner, D-Va., the Justice Department said that “A number of the victims of this scheme identified themselves to the Department of Justice as victims of the OPM data breach. However, at present, the investigation has not determined precisely how their identity information used in this case was obtained and whether it can, in fact, be sourced directly to the OPM data breach. Because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another common source.”