E-mail to OPM staff on security breach

The following e-mail was sent to all Office of Personnel Management employees following revelations of a security breach of the agency’s computer network:

You may have seen the recent media reports about a breach of the OPM network.  Due to the constant monitoring systems in place at DHS and OPM, we were alerted to a potential intrusion of our network in mid-March.  We acted immediately, in collaboration with DHS and interagency partners, to mitigate the risks identified and ensure our systems are secure.  At this time, neither OPM nor US-CERT have identified any loss of personally identifiable information for any users of OPMs internal or external systems.  We continue to exercise the utmost vigilance in monitoring for potential threats and protecting our information and systems, and there is no need for additional action from employees related to this incident.

Public and private networks are targets for malicious activity because of the wealth of information they process.  Therefore, all of us here at OPM must be ever-vigilant in our efforts to understand the threats, weigh the risks, and put in place countermeasures to mitigate those risks and reduce any potential damage.  This is why we launched our communications campaign to make you more aware of the threats, show you how vulnerabilities can affect our network and business systems, and help you understand what you can do to help prevent attacks and the potential disclosure of sensitive information, including PII.  As always, please contact your supervisor if you have any questions or observe anything suspicious.  Thank you for your continued diligence.