5.6 Million Fingerprints Stolen in OPM Hack [Still No Competence or Transparency]

5.6 Million Fingerprints Stolen in OPM Hack by Chris Brook.

The management follies continue at the Office of Personnel Management (OPM), which I mentioned the other day had declined to use modern project management practices.

A snippet from Chris’ post, which you should read in it entirety:


OPM said at the beginning of September that it would begin sending letters to victims of the breach “in a few weeks,” yet the agency’s recent statement reiterates that an interagency team is still working in tandem with the Department of Defense to prep the letters.

“An interagency team will continue to analyze and refine the data as it prepares to mail notification letters to impacted individuals,” Schumach wrote.

Did you read between the lines to intuit the cause of the delay in letter preparation?

The next big shoe to drop, either on prodding by Congress or news media:

The Office of Personnel Management doesn’t have current addresses on all 21.5 million government workers.

When a data breach occurs at a major bank, credit card company, etc., sending the breach letter is a matter of composing it and hiring a mail house to do the mailing.

This is going on four months after OPM admitted the hack and still no letters?

I may be over estimating the competency of OPM management when it comes to letter writing but my bet would be on a lack of current addresses for a large portion of the employees impacted.

FYI, hiring former OPM staff has a name. It’s called assumption of risk.

2 Responses to “5.6 Million Fingerprints Stolen in OPM Hack [Still No Competence or Transparency]”

  1. yellek says:

    I think it is likely that there are addresses missing since many of the records may relate to people who no longer work for the government and thus they may not have current address data.

  2. Patrick Durusau says:

    True but the OPM has adopted a “wall of silence” approach to its problems.

    Why not name names? The people responsible for the current problems and give the details of what is being done in response?

    Of course that would involve taking personal responsibility, something I suspect OPM staff are loath to do.