A recent report has stated that the attack on OPM was avoidable. The agency knew that it was being targeted and yet failed to secure the millions of federal employees data. The report also says that the agency failed to notice that it was dealing with a sophisticated enemy who probably found it simple to steal vital employee information. It has been confirmed that the attack originated in another country.
The Report on the Biggest Cyber Attacks on Federal Employees Data
- Also Read: 3 Reasons Certain Federal Employees Can Retire Years Earlier Than Their Peers Without Penalties
- Also Read: CSRS Retirement in 2024: Are You Making the Most of What This Classic Plan Has to Offer?
- Also Read: Roth IRA Basics for Beginners: What’s There to Learn?
An Interview Statement
In an interview with CNN, the Chairman of the House Committee on Oversight and Government Reform, Jason Chaffetz stated that in the report it is clearly mentioned that once the OPM knew that an attack was in progress, it didn’t take the right steps.
The Overseas Attack
The Republican representative from Utah did not confirm whether that attack came from China, which is being rumored for several months now. He does admit that it was an overseas attack. He didn’t reveal much by pointing out that the name of the country where the attack originated was classified information.
Reason Behind the Attack
Chaffetz said that the attack was organized and executed because the information garnered through it was very valuable to other countries. The data that was hacked revealed which federal employees had security clearances and who was dealing with the most classified information. It also exposed the vulnerabilities and fingerprints of those who were in charge of the classified data.
Underestimating the Enemy
The report also stated that OPM underestimated its enemy by not realizing that the enemy had sophisticated weapons and was very persistent. It also says that OPM had been warned consistently for years before the attacks that it was a target. It failed to recognize the importance and genuineness of being a target. If the agency had taken the threats seriously and implemented some basic security controls, the attacks would not have made the information of federal employees so easily accessible.
