Office of Personnel Management and its CIO ruled responsible for 2014-2015 hacks

The House Oversight and Government Reform Committee has now published its report on the 2014 and 2015 hacks of the Office of Personnel Management (OPM), informing the world of who it believes was ultimately responsible. It has laid the blame squarely at the feet of the OPM, claiming that had the agency implemented “basic cyber-hygiene,” neither breach may ever have happened.

Tens of millions of U.S. government employees and their close relations had personnel information revealed as part of the breaches in 2014 and 2015, when hackers managed to infiltrate the OPM’s servers. It was real egg on the face for the administration, as well as damaging to the potential security of many of America’s most at-risk government employees.

We’re told that the first breach — which actually took place in 2013 but was not discovered until several months later in 2014 — allowed hackers to steal manuals and information on the types of data stored on the servers. It was the second breach that did the real damage, however, stealing investigation data, personnel records and even fingerprints of millions of government employees.

While it was likely that security at the OPM had been breached, it wasn’t clear whether the OPM was entirely at fault for the hack, but that is what the Oversight Committee has decided. In its extensive report, titled (damningly) “The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation,” the committee claimed that there were basic tools that could have been used to prevent the breaches, but the OPM did not use them.

In fact, even the tool used to discover the breaches was not purchased by the OPM. The agency was running a trial of the software on its live network when it discovered the massive infiltration by foreign actors, who many believe were acting on behalf of the Chinese government.

Even then, the OPM didn’t pay up, purportedly returning the software after attempting to clear up the breach without incident (as per Ars Technica).

The report also takes aim at former OPM chief information officer Donna Seymour, who it claims lied during her testimony about the breaches, deliberately playing down the OPM’s lack of readiness and even claiming that the damage done was not as severe as it ultimately turned out to be.

Moving forward, the report recommends that all federal agencies have an appointed CIO who is not only competent and empowered to make necessary changes, but is also accountable for any failing in the organization’s digital security.

Other recommendations include fewer employees identifying themselves using social security numbers, as well as treating all employees as “outside” users with much more limited permissions.

Jon Martindale