833-847-3280
Schedule a Call

OPM Hack: Can it get any worse?

Last night I was asked on Fox News what I thought the impact of the OPM hack would be and I commented on the incredulous amount of information that has been stolen and the potential impact on over 21 million Americans. In my opinion, no more valuable a trove of information can be found outside of actually compromising our national defense systems.

For those of you that don’t have a security clearance, the information that is on these forms is staggering. Due to the fact that an initial security background has to be complete in order to properly “vet” the individual for access to classified data, applicants are required to pretty much place their entire life on this forms: addresses, positions, next of kin, SSN, criminal background, medical issues, drug use etc. I don’t know of one other single source of information that is so complete about an individual.

For this reason, I am astounded that, at a minimum, none of this data was at least considered critical enough to national security for it to be encrypted and possibly be declared classified. These “crown jewels” should not have been left in an antiquated IT architecture with 80 various agencies having access to it, without being protected. Even after the 2 contractors that had the contracts to conduct background checks were hacked, nothing was done to increase the security around this data and to keep it from nefarious hands.

The OPM and the Obama administration needs to move fast to fix this. Right now, there are 21 million Americans, including me, whose lives are now compromised and will be, for decades. This data must be taken off line and encrypted, if not placed behind a closed architecture with limited access. There must be some basic cyber security procedures taken such as these to at least provide this information with the protection it warrants. Making some easy decisions such as these and moving fast will show the American people that this cyber-attack is being taken seriously.

Assigning attribution for this hack and having a plan of attack to counter this threat should be of the highest priority. The American people should know that the data they entrust to the USG is safe and that those people or counties that violate that agreement will be punished. While the #1 culprit, presumably is China (and personally I agree that no other country has more to gain through the theft of this data), it is critical to identify the entity behind this act and resolve the damage through a combination of diplomatic, legal, economic or military action.

Oh, and 3 years of credit monitoring doesn’t even come close to compensating these victims for this hack. The USG should move to provide compensation for each American who has to find the time to fix identify theft associated with this. Additionally, creating a law enforcement capability or augmenting an existing agency such as the FBI to review stolen records and monitor various healthcare, insurance, tax and yes OPM systems for fraud, exploitation and impersonation would help provide the necessary increase in vigilance.

Latest Posts

A transparent image used for creating empty spaces in columns
As technology evolves at an unprecedented pace, artificial intelligence (AI) has emerged as a transformative force in cybersecurity. Organizations now use AI to detect and respond to threats faster than ever, but this progress raises an important question: is the human factor still relevant in…
A transparent image used for creating empty spaces in columns
In the complex world of cybersecurity, simple strategies can often make a big difference. One of the most powerful ideas in protecting your organization from cyber threats is as straightforward as it sounds: don’t leave the front door open. Picture this: your company’s network is…
A transparent image used for creating empty spaces in columns
With the rise in cyber threats, data breaches, and evolving regulations, cybersecurity risk management has never been more crucial for businesses. Today, companies are more connected than ever, and every device, user, and application potentially opens a new path for cybercriminals to exploit. From ransomware…
A transparent image used for creating empty spaces in columns
 In today’s increasingly digital world, more businesses are operating entirely online with remote teams and cloud-based infrastructures. As these companies grow, so does the importance of cybersecurity. One question we often get is: “Can online companies get penetration tests?” The answer is a resounding…
A transparent image used for creating empty spaces in columns
In today’s education landscape, cybersecurity is more critical than ever. Schools are no longer just places of learning; they have evolved into hubs of digital information, housing vast amounts of sensitive data. From student records to financial information, the risk of cyberattacks has become a…
A transparent image used for creating empty spaces in columns
 In today’s digital landscape, cybersecurity is not just a luxury but a necessity. As businesses increasingly rely on technology, the importance of safeguarding sensitive data has never been greater. However, for many small and medium-sized businesses (SMBs), the costs associated with cybersecurity services, particularly…
contact

Our Team

Name(Required)
This field is for validation purposes and should be left unchanged.
On Load
Where? .serviceMM
What? Mega Menu: Services