Background Check Data Breach Affects 21.5 Million People

 MaskedManLaptop

Written By ESR News Blog Editor Thomas Ahearn

The U.S. Office of Personnel Management (OPM) has announced that sensitive information including Social Security Numbers (SSNs) for 21.5 million people was compromised in a database breach involving the background check records of current, former, and prospective Federal employees and contractors. Information about the OPM background check database incident will be updated regularly at https://www.opm.gov/cybersecurity/.

The OPM concluded that the sensitive information stolen from the background check databases includes 19.7 million individuals who applied for a background check and 1.8 million non-applicants who are primarily spouses or co-habitants of the applicants. Some records include interview findings while approximately 1.1 million include fingerprints. Usernames and passwords used by applicants to fill out background check forms were also stolen.

The OPM is warning people who underwent a background check investigation through OPM in 2000 or afterwards for either a new investigation or a reinvestigation that it is “highly likely” that they are impacted by the background check data breach. Those who underwent a background check investigation prior to 2000 may be impacted although it is “less likely.” The types of information involved in the background check data breach incident may include:

  • Social Security Numbers (SSNs).
  • Residency and educational history.
  • Employment history.
  • Information about immediate family and personal and business acquaintances.
  • Health, criminal, and financial history that would have been provided as part of a background check investigation.

Those people affected by the background check data breach incident will receive a notice in the mail from the OPM in the coming weeks containing details on the services available to them at no cost for at least three years. These services supplied by the OPM will include identity restoration support and victim recovery assistance, identity theft insurance, identity monitoring for minor children, continuous credit monitoring, and fraud monitoring services.

This background check data breach is the second of two separate but related cyber-security incidents recently discovered by the OPM that have impacted the data of Federal government employees and contractors. In April 2015, the OPM found that the personnel data of 4.2 million current and former Federal government employees had been stolen. While investigating this incident, the OPM discovered that additional information of 21.5 million people had been compromised in June 2015.

In the wake of the background check data breach incident, the OPM will continue to strengthen its cyber defenses and information technology (IT) systems in partnership with experts from Department of Defense (DoD), Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and other interagency partners. The OPM has also identified 15 new steps to improve security and modernize its systems in the Cybersecurity Action Report.

Protecting Background Check Data Is Important

Employment Screening Resources® (ESR) – ‘The Background Check Authority®’ – is accredited by The National Association of Professional Background Screeners (NAPBS). ESR’s SOC 2 Audit Report confirms the company meets standards set by the American Institute of Certified Public Accountants (AICPA) for protecting the security, confidentiality, and privacy of consumer information used in background check orders. To learn more, please visit http://www.esrcheck.com/SOC-2/.

© 2015 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.