Cyber Breach Much Worse Than Reported

US Government OPM Cyber Breach Much Worse Than Reported

The much publicized breach at the US government Office of Personnel Management (OPM) in May this year was much more serious than initially reported, in terms of the number of people affected, the quality of information breached, as well as the probable cost to American taxpayers.

While the breach was widely publicized shortly after it occurred, were revealed in a recent quarterly report released by NTT Group security company Solutionary. Our report published last week outlines the most prevalent types of cyber attack, as well as the most commonly identified forms of malevolent activity worldwide that were contained in the 22-page report. It also drew attention to the fact that more Malware attacks occur in the US than in any other country in the world.

The OPM breach is covered in some detail in the second quarter Solutionary report. Ultimately, it states that this Government breach won’t just affect people at this point in time, but it will also affect others in future, and is likely to impact on the integrity of any background investigation processes relating to millions of people for the next 10 to 20 years.

OPM is going to have to increase its identity threat protection services, and according to the report, will cost US taxpayers in excess of $220 million. Furthermore, these services won’t cover every taxpayer.

Extent of the OPM Breach

 

When the OPM breach was first discovered, the number of people said to be affected was four million. This figure quickly rose to 22 million, though the Solutionary report states this is probably a very misleading figure. The issue is that the records accessed were not only those of government employees, but also included personal data about family members and even friends, and so the number of people affected is likely to be closer to 132 million, and even this could be conservative. However the authors of the report state it will probably never be known just how big the breach was, but it is likely to have been “the biggest loss of private information ever.”

And it’s not just about numbers, but rather the “quality” of data that was accessed. The breach involves 127-page forms that require a huge amount of information, from names, addresses over the last 10 years, schools attended, social security numbers, passport numbers, financial statements and health statements. In a nutshell the information covers what you would expect to find in a combination of bank, employment, medical and school records.

While OPM hasn’t confirmed whether FBI, NSA, and CIA forms were classified or protected sufficiently to have escaped the breach, there is a possibility that they weren’t; and if not, someone with “malevolent intent” could do a lot of damage. Unfortunately, the report states, there is not way to know whether individuals at these government agencies are compromised or not, and it could take 10 to 20 years to find out.

Cost of the OPM Breach

The “real costs” associated with the OPM breach relate primarily to credit protection services the government has offered 4.2 million victims via the identity theft protection company, CSID for 18 months. An additional 22 million people will probably receive similar service – with costs likely to amount to an additional $200 million. High risk, as well as critically and specially sensitive individuals will also have to be vetted again to ensure they are in fact trustworthy. While it is not known how many people will be affected, based on the OPM charge of $4,000 for a “single scope background investigation,” if only 20 percent of the 22 million need to do this, it will cost another $18 million.

These costs don’t include lost services or any costs that could be incurred if or when victims are compromised further at a later stage.

This may not only be the biggest loss of sensitive information ever, but it may very well ultimately rank near the most expensive,” the report states. Further, since OPM isn’t the US federal government’s largest agency, and since the breach was discovered by accident, if these same levels of control are in place at larger agencies, the potential for similar breaches is very real.

By Penny Swift

Digitizing Contact Center to Reduce Call Volume by 30% and Improve NPS

Digitizing Contact Center to Reduce Call Volume by 30% and Improve NPS

Digitizing Contact Center With a Net Promoter Score (NPS) average of 24, telecom holds the lowest industry average according to the NPS Benchmarks Report. Operational inefficiencies in contact centers play a major role in the low ...
Top 10 Tech Job Skills Predicted To Grow The Fastest In 2021

Top 10 Tech Job Skills Predicted To Grow The Fastest In 2021

Top 10 Tech Job Skills Predicted According to Burning Glass Technologies, the two tech job skills paying the highest salary premiums today and in 2021 are IT Automation ($24,969) and AI & Machine Learning ($14,175) ...
Gartner Predicts Public Cloud Services Market Will Reach $397.4B by 2022

Gartner Predicts Public Cloud Services Market Will Reach $397.4B by 2022

Public Cloud Services Market Will Reach $397.4B Worldwide end-user spending on public cloud services is forecast to grow 23.1% in 2021 to total $332.3 billion, up from $270 billion in 2020. Garter predicts worldwide end-user ...
Martin Mendelsohn

The Growth of Third Party Risk Management (TPRM) Firms

Cybersecurity and the Continued Risks Back in the day, we played cops and robbers with sticks and plastic squirt guns.  Sometimes you were pursued, at other times you were the pursuer.  There wasn’t much more ...
Business Voip

Cloud Governance Best Practices & How “Legacy Governance” Hurts

Cloud Governance Best Practices The cloud can provide your organization with substantial benefits -- if you adopt an effective cloud governance model. Businesses established before the cloud era (or those that took their IT governance ...

PROXY SERVICES

The CloudTweaks technology lists will include updated resources to leading services from around the globe. Examples include leading IT Monitoring Services, Bootcamps, VPNs, CDNs, Reseller Programs and much more...

  • Smartproxy

    Smartproxy

    Smartproxy is a rising star in the constantly growing proxy market. Smartproxy offers awarded customer service, impressive performance, and is serious about your anonymity (yes, cybersecurity matters). The latest features developed by Smartproxy are 30 minute long sticky sessions and Google Proxies. Rumor has it, the latter guarantee 100% success rate

  • Bright Data

    Bright Data

    Bright Data’s network is one of the most robust of its kind globally. Here are its stark advantages: Extremely stable connection for long sessions (99.99% uptime guaranteed). Free to integrate with our Proxy Manager which allows you to define custom rules for optimized results. Send unlimited concurrent requests increasing speed, cost-effectiveness, and overall efficiency.

  • Rsocks

    Rsocks

    RSocks team offers a huge amount of residential plans which were developed for plenty of tasks and, most importantly, has been proved to be quite efficient. Such variety has been created on purpose to let everyone choose a plan for a reasonable price, online, rotation and other parameters.

  • Storm Proxies

    Storm Proxies

    Storm Proxies' network is optimized for high performance and fast multi-threaded tools. You get unlimited bandwidth. No hidden costs, no limits on bandwidth. Try Storm Proxies 100% Risk Free. If you are not happy with the service email us within 24 hours of purchase and we will refund you.