back to article Hackers steal files on 4 million US govt workers

The agency tasked with recruiting workers for the US government has fessed up to allowing the personal details of 4 million people to be stolen by hackers. The US Office of Personnel Management (OPM) has sent out an alert to current and former government employees warning of the data breach. "Beginning June 8 and continuing …

  1. Anonymous Coward
    Anonymous Coward

    NSA too busy reading facebook posts

    WTF are the NSA for then?

    1. tom dial Silver badge

      Re: NSA too busy reading facebook posts

      NSA presently is being savaged by the Intercept, the New York TImes, and ProPublica for daring to suggest (probably at the direction of their DoD management chain) that they might be able to contribute something in this area. A principal problem, apparently, is that they might capture Americans' data (some of it their own in this case) while it was being exfiltrated. The articles (at least ProPublica and NYT) indicate the requested permission was denied.

      1. Destroy All Monsters Silver badge
        Trollface

        Re: NSA too busy reading facebook posts

        NSA presently is being savaged

        The smallest fiddle in the world is heard playing.

        Alos, 5 minutes until the suggestion emerges that the breach was actually due to the 5-minute interruption in metadata collection between the sunsetting of the P.A.T.R.I.O.T. act and the inception of the F.R.E.E.D.O.M. act.

  2. Crazy Operations Guy

    With all these breaches

    I would think that with all the breached organizations offering free credit monitoring and identify theft protection, I;d think that the average American would be getting these services for free for the rest of their lives.

    First there was Target, then Home Depot, the Anthem Insurance, and now this....

    1. Anonymous Coward
      Pint

      Re: With all these breaches

      That's precisely what I was going to say! And it's not stretching the truth at all.

    2. Anonymous Coward
      Anonymous Coward

      Re: With all these breaches

      Dead on!

      1. Ben Tasker Silver badge
        Joke

        Re: With all these breaches

        Free credit monitoring for the average american..... but... but... but.... surely that's one step away from socialism and must be banned?

        - A tea-bagger

        1. Destroy All Monsters Silver badge
          Pint

          Re: With all these breaches

          It must be banned not because of socialism but because Uncle Sam is already missing 120 trillion dollar to pay for THE OTHER social services.

  3. swampdog

    As a result, in April 2015, OPM became aware..

    ..and they've sat on it since then, only announcing it to dog+world just after the Freedom Act so the latter can be spun as "a good thing" and "bring back the patriots" to boot.

  4. fixit_f

    Bet Gary McKinnon is unbearable right now, "I TOLD YOU YOUR SECURITY WAS CRAP"

    1. Intractable Potsherd

      Bet Gary McKinnon is justifiably unbearable right now, "I TOLD YOU YOUR SECURITY WAS CRAP"

      FTFY :-)

  5. Chris G Silver badge

    Just sitting

    Sat on it since April and offering help to the hacked employees in mid to late June.

    They realy care about the employees don't they.

    the NSA and FBI using FISA to find hackers seem to be losing the battle, what they need is more data!

    1. iLuddite

      Re: Just sitting

      ..."need more data!"

      You seem to be implying that there is some left.

  6. MaldwynP

    The Chinese Department of Winged Dragons Hacking in the Celestial Cloud has decided to return the data has they felt sorry for how much the American employees earned.

  7. hplasm
    Holmes

    Begun-

    This cyberwar has...

    Yoda ^H^H^H^H Some crinkly Republican Congressman.

  8. Doctor Syntax Silver badge

    They don't seem to know when the breach happened, just that it was before April so the monitoring may be a lot too late. Also, if this agency was responsible for recruiting then they may well have lost data on unsuccessful applicants, not just current & former employees; that doesn't seem to be being addressed at all.

    1. Anonymous Coward
      Mushroom

      Good point. And I don't see much point in casting blame. It's tough to keep any system secure, impossible for one as big and old as this. Everyone's info has presumably already been looted from one place or another anyway; we just don't know it yet.

      2015: Year of the Datapocalypse

    2. Robert Helpmann??
      Childcatcher

      Free Credit Monitoring and Identity Theft Protection

      They don't seem to know when the breach happened, just that it was before April so the monitoring may be a lot too late.

      The monitoring service being offered is pretty useless in this case. The shelf life of this info is not like for stolen credit cards where after a month or so the cards have been replaced. This is the kind of info that doesn't change over the lifetime of the individuals being targeted. My understanding is that it hasn't showed up for sale, either, which would indicate that the individuals hacking the OPM are in it for the long term, not some quick fix.

  9. Nifty Silver badge

    Look! We got a long list of social security numbers.

    What's ""social security"?

    1. harmjschoonhoven
  10. glen waverley
    Holmes

    count down timer for bad guys?

    "Those who have had their data leaked will be able to receive 18 months of free credit monitoring and identity theft protection."

    So the bad guys now know they have to sit on the personal data for 19 months before applying for the dodgy loans. That's how I read it.

    1. Nifty Silver badge

      Re: count down timer for bad guys?

      I think it was Frank Abagnale (who inspired the film "Catch me if you Can"') that said an identity thief is MOST likely to strike more than a year after the moment of the info theft itself.

      So yes move that back from 12 to 18, job's a good'un.

  11. Anonymous Coward
    Anonymous Coward

    Way to go, EINSTEIN!

    Apparently they had some automated hack-detector called EINSTEIN, but similar to the Target hack, if the software is smarter than the humans overseeing it, all is for naught..

    These "national security professionals" at the NSA really need to step up to the plate and help defend the country from all these hacks that are only possible due to our broken encryption that they themselves broke.. oh, wait.

  12. Kev99 Silver badge

    But the internet is safe...

    RIGHT! Let's keep putting all of our sensitive, confidential information on the fishnet, I mean, internet. Blithering idiots.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like