Department of Homeland Security officials confirmed Thursday that hackers may have breached the Office of Personnel Management’s network, which contains personal information about federal employees and other potentially sensitive data.
A DHS official told The Washington Post that agencies have not yet found “any loss of personally identifiable information.”
Interestingly, OPM doesn’t appear to have notified federal employees about the attack. Among 15 employees approached by The Post on Thursday, none could recall an announcement from the government, although some wondered whether they had missed an e-mail about the breach at some point.
“We haven’t heard officially,” said Takoma Park resident Suzanne Pilsk, a Smithsonian Institution librarian. She added that she learned of the issue through a Post article.
Similarly, Rosie Delaney, a Crofton resident and IT specialist for the Environmental Protection Agency, said she doesn’t remember the government sending an alert. “They’re really good about notifying us when things happen, so I probably was notified, but I get so many e-mails that it’s easy to miss something,” she said.
The government publishes certain details about its employees, such as their names, job titles and salaries, all of which is public information under the law. But some workers are worried that hackers may access more-sensitive personal data.
“I am concerned that Social Security numbers could be released, but from what I’ve read so far, it seems like that hasn’t happened,” Pilsk said.
Smithsonian librarian Alvin Hutchinson, a D.C. resident, said he is primarily concerned about potential financial loss and the extent of his legal liability if hackers use his personal information to commit fraud. But he also said he has grown accustomed to hacking threats.
“I’m not terribly afraid, because I’m sort of numb to this,” Hutchinson said. “You hear about data breaches and privacy invasions all the time. I’d like to say that I’m skittish about it, but it just happens so much.”
Pilsk expressed confidence that the government is dealing effectively with cybersecurity threats. “I know there’s a lot of infrastructure in place to protect data,” she said. “I know it’s a concern, but I feel like they’re trying their best.”
Other workers questioned whether the government can always guarantee protection against constantly evolving threats. “It’s sort of an arms race,” Hutchinson said. “Any measures the government could take to provide greater security for our data is going to be met with some innovation by hackers to get around it.”