Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Hack affected every single federal employee, union says
CNET ^ | June 11, 2015 | Laura Hautala

Posted on 06/11/2015 7:02:35 PM PDT by 2ndDivisionVet

A hack announced last week affected all current and retired federal employees, and hackers got their hands on much more personal information than previously announced, the American Federation of Government Employees said Thursday.

A December breach of government systems containing personal information of millions of federal employees was worse than originally thought.

A union of federal workers said Thursday that the attack, announced last week, had stolen confidential information of every single federal employee, past or present -- far more than was previously revealed. The government disputes those claims.

It's the latest in a spree of damaging hacks against the government, including an attack in March 2014 that also involved federal employee records.

Hackers acting in the name of a political agenda, and those paid by other countries, have stepped up their efforts to breach U.S. government systems for a variety of reasons. In some cases, they've hoped to embarrass President Barack Obama's administration, and in others they've made statements about the US military. Successful attacks include a group that breached the CIA's public website, another that took control of the US military's Twitter feed, and a group that successfully intercepted the president's emails.

In this case, if the union is correct, the hack would be the first to affect every employee of any organization or company.

The union's allegations come a few months after Obama promised the federal government would work with companies to protect people from hacks and identity theft. Obama's administration has since blamed Chinese hackers for the breach of federal employee information.

"We believe that hackers are have every affected person's Social Security number, military records and veterans' status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; age, gender, race, union status, and more," American Federation of Government Employees President J. David Cox wrote in a letter to the US Office of Personnel Management. Worse, he wrote the Social Security numbers of employees don't appear to have been protected with encryption algorithms, a standard security measure for sensitive information. Cox called the lack of adequate security controls "absolutely indefensible and outrageous."

Jackie Koszczuk, a spokeswoman for the Office of Personnel Management, said in the Associated Press report that every current and retired federal employee's records were compromised was not correct.

The letter was first obtained by the Associated Press.

The attack was first revealed last week, when the government said the personal information of 4 million federal workers had been breached. The union said it believes "the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees," Cox wrote.

The government has pledged to notify each affected employee of the hack and offer services to help counter any abuse of their information.


TOPICS: Business/Economy; Crime/Corruption; Foreign Affairs; Government
KEYWORDS: 201412; afge; afscme; china; cyberwar; cyberwarfare; hack; hackers; seiu
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-64 next last
To: 2ndDivisionVet

So, are they blaming El Presidente Obama?

If a Republican were President that would be all we would be hearing from the Government Employee Unions.


21 posted on 06/11/2015 7:34:39 PM PDT by Kickass Conservative (Hillary, because it's time for a POTUS without a SCROTUS...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 22202NOVA

“This is about establishing a database for other reasons.”

What other reasons?


22 posted on 06/11/2015 7:37:40 PM PDT by Rebelbase
[ Post Reply | Private Reply | To 12 | View Replies]

To: Crim

“Good...I hope every Fedgov employee is haveing a crap fit right now....how do you like your privacy invaded.”

This will have a chilling effect on potential new, smart employees.

Unfortunately, this will not stop (even more) idiots and crooks from applying.


23 posted on 06/11/2015 7:47:34 PM PDT by The Antiyuppie ("When small men cast long shadows, then it is very late in the day".)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Enterprise

YOu’d guess wrong. It was the OPM that got hacked. Everything housed in one nice, easy to reach, server bank.


24 posted on 06/11/2015 7:48:09 PM PDT by PAR35
[ Post Reply | Private Reply | To 15 | View Replies]

To: 2ndDivisionVet

Gov mandated “Electronic Health Records”...what could possibly go wrong?
http://www.cchfreedom.org/cchf.php/928#.VXpI_3pRGtU


25 posted on 06/11/2015 7:52:27 PM PDT by TurboZamboni (Those who make peaceful revolution impossible will make violent revolution inevitable.-JFK)
[ Post Reply | Private Reply | To 1 | View Replies]

To: HiTech RedNeck
If I believed in karma this is how it would behave. (Actually, God may be in the process of teaching a lot of lessons to a lot of people right now.)

I know a lot of federal employees. Many are good folks. There are a lot of conservatives in federal positions. Unfortunately, they're being overwhelmed by liberals. This hurts the good along with the bad.

26 posted on 06/11/2015 7:55:45 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: PAR35

Well does the Office of Personnel Management have files on ALL Government employees or just some of them?


27 posted on 06/11/2015 7:56:42 PM PDT by Enterprise ("Those who can make you believe absurdities can make you commit atrocities." Voltaire)
[ Post Reply | Private Reply | To 24 | View Replies]

To: HiTech RedNeck
At the same time why did Uncle Sham EVER put all this gold in one convenient pot?

No answer at this point. A question I have is what was actually hacked. If it's Office of Personnel Management, they not only have data on actual employees, but prospective employees as well. This could very well go beyond just federal employees.

28 posted on 06/11/2015 7:58:24 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: 2ndDivisionVet

So where’s Obama’s InfoSec Czar?


29 posted on 06/11/2015 7:59:11 PM PDT by FreedomPoster (Islam delenda est)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Enterprise
Well does the Office of Personnel Management have files on ALL Government employees or just some of them?

From what I understand, all, along with prospective hires. They deal with anyone hired by, and wanting to be hired by the fedgov according to their website.

30 posted on 06/11/2015 8:01:29 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: 22202NOVA
If feels like you're right but can you share a little more about what you think could be going on here.

What reason could there be for establishing a database that's threatening beyond the obvious financial reasons ... or for taking out SEALS? How is this different than normal identity theft - but on a much larger scale?

31 posted on 06/11/2015 8:02:53 PM PDT by GOPJ (If the MSM stops lying about conservatives, we'll stop telling the truth about them.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: Enterprise
One other thing I’m wondering about. Could it be possible that this latest hacking might have been made possible because of the stupid way Hillary Clinton set up her own communications system?


32 posted on 06/11/2015 8:03:27 PM PDT by Talisker (One who commands, must obey.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: Enterprise
Well does the Office of Personnel Management have files on ALL Government employees or just some of them?

Here's a sentence from the OPM website: Beginning June 8 and continuing through June 19, OPM will be sending notifications to approximately 4 million individuals whose Personally Identifiable Information was potentially compromised in this incident.

In fedgov speak Personally Identifiable Information (PII) is anything that could be used to identify an employee besides their name. The name is the key, and by itself is not PII, but anything with the name is - birth date, maiden name, address, phone number, ssn, mother/father/family information, marital status, sex, race, ethnicity, etc...

33 posted on 06/11/2015 8:08:10 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 27 | View Replies]

To: Enterprise

Not sure if it would include military - I thought it was just civilian. From OPM “every federal agency”. I know they do DOD civilians. I’m also not sure about the Post Office - technically not an agency, but I know they are considered government employees.

“As the central human resources planners for the Federal Government, OPM is responsible for the successful management of human capital, not only within our own organization, but also across every Federal agency. We assist Federal agencies in hiring new employees, provide Federal investigative services for background checks, create training programs to develop tomorrow’s leaders — and much more.”


34 posted on 06/11/2015 8:09:05 PM PDT by PAR35
[ Post Reply | Private Reply | To 27 | View Replies]

To: IYAS9YAS

An address may not be PII. It depends... For example, if an agency sent you a letter, the name and address appearing together on the outside of the envelope would not be considered protected PII.


35 posted on 06/11/2015 8:11:32 PM PDT by PAR35
[ Post Reply | Private Reply | To 33 | View Replies]

To: PAR35
Not sure if it would include military - I thought it was just civilian. From OPM “every federal agency”. I know they do DOD civilians. I’m also not sure about the Post Office - technically not an agency, but I know they are considered government employees.

OPM's website mentions 4 million hacked. Federal civilian employee numbers are listed at 2,663,000 and military at 1,459,000 for 2014. Legislative and judicial branch at 63,000. That's a current sum of 4,185,000. Sources: http://www.opm.gov/policy-data-oversight/data-analysis-documentation/federal-employment-reports/historical-tables/total-government-employment-since-1962/

and

http://www.opm.gov/news/latest-news/announcements/

36 posted on 06/11/2015 8:15:39 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 34 | View Replies]

To: PAR35
An address may not be PII. It depends... For example, if an agency sent you a letter, the name and address appearing together on the outside of the envelope would not be considered protected PII.

Office of Management and Budget's definition: Personally Identifiable Information (PII). The term “PII,” as defined in OMB Memorandum M-07-1616 refers to information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual. The definition of PII is not anchored to any single category of information or technology. Rather, it requires a case-by-case assessment of the specific risk that an individual can be identified. In performing this assessment, it is important for an agency to recognize that non-PII can become PII whenever additional information is made publicly available — in any medium and from any source — that, when combined with other available information, could be used to identify an individual.

You're right, it depends, but think about a person who has an ex trying to hunt them down for less than savory reasons gaining access to that data.

37 posted on 06/11/2015 8:21:23 PM PDT by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: HiTech RedNeck

I can only guess that we have been lazy and complacent about cyber security. My access card has PII that is apparently unencrypted. Makes it just too easy.


38 posted on 06/11/2015 8:39:48 PM PDT by 22202NOVA (Tagline? I don't need no stinking tagline!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: Rebelbase

Sources for information comes immediately to my mind.


39 posted on 06/11/2015 8:42:10 PM PDT by 22202NOVA (Tagline? I don't need no stinking tagline!)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Uncle Miltie

I have to laugh....NSA is suppost to catch all this and didn’t so just why did we have them ‘catch terrorists calls’????


40 posted on 06/11/2015 8:47:08 PM PDT by HarleyLady27 (Get the USA out of the UN then get the UN out of the USA; send bamaboy back to Kenya ASAP!!!!)
[ Post Reply | Private Reply | To 6 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-64 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson