A massive cyber breach at the Office of Personnel Management may have exposed the personal and financial information of 4 million employees, putting their credit and finances at risk.

But what does it mean for you?

It means being vigilant about your credit scores and personal finances for the foreseeable future, according to the Office of Personnel Management. The agency has said it will provide credit monitoring services for up to 18 months as well as a $1 million in identify theft , but federal employees still need to watch their finances carefully.

OPM also issued guidance for affected feds, urging feds to:

  • Monitor their financial statements and immediately report any suspicious or unusual activity to their financial institutions.
  • Request a free credit report by going to www.annualcreditreport.com. Consumers are eligible for one free credit report a year from each of the three major credit bureaus.
  • Investigate whether they should place a fraud alert on their credit profiles in order to let creditors know to contact them before opening any new accounts in their names.

See also: OPM hack could affect 4 million people

See also: Lawmakers fault OPM over massive cyber breach

The National Federation of Federal employees is working to inform its members about the data breach and is distributing the OPM guidance as widely as possible, according to NFFE President William Dougan.

He said feds should also continue to check OPM's website in case of any new developments in the situation and also notify their financial institutions about the possible breach of their data.

"Moving forward, we are working with OPM to identify those affected and will seek a solution to ensure that private and sensitive information of NFFE members and federal employees are not exposed to wide-scales risks such as a cyberattack in the future," Dougan said.

OPM also included additional advice on how to avoid identify theft in general, including:

  • Being suspicious of unsolicited phone calls and email messages from people asking about other employees or for internal information. If someone claims to be from somewhere, try and verify their identity.
  • Do not reveal personal information in an email, and do not respond to email requests for personal information.
  • Take advantage of any anti-phishing software or services provided by your agency.

Tyler Reguly, the manager of security research for cyber detection company Tripwire, said in addition to the OPM guidances, federal employees should watch out for more targeted attacks tailored to the information stolen.

"Targeted attacks are likely to be much more specific and tailored to appeal to you. Always be wary of people who seem to know too much about you no matter what method they use to contact you," Reguly said.

Feds should consider what personal information was in their records – especially medical records – to see what might be of particular value to cyber criminals , Reguly said. For example, high-value prescriptions for pharmaceuticals or large accounts.

"If you aren't on a first name basis with your doctor or pharmacist, consider asking them to put a note on file to check your ID whenever you come in or pick up a prescription and ask your doctor not to accept telephone requests for prescription refills," Reguly said.

Colleen Kelly, the president of the National Treasury Employees Union, said the union was working to warn current and federal employees to be wary of people trying to capitalize on the theft of their personal information.

She said NTEU is also seeking information on which employees were affected and the specifics about which types of information were stolen. Updates will be sent to NTEU members whenever new information is available.

"This data breach is unacceptable. Information on the federal workforce and federal retirees deserves the highest level of protection. With the rising incidence of identity theft and financial fraud, NTEU is very concerned about the impact of this breach on federal workers and their families," Kelley said.

Share:
In Other News
Load More