Connolly Requests OPM Update on 2015 Data Breach

f t # e
Washington, June 26, 2018 | comments
Today, Congressman Gerry Connolly (D-VA), Vice Ranking Member of the House Oversight and Government Reform Committee, sent a letter to Office of Personnel Management (OPM) Director Jeff Pon requesting information on actions taken in response to the 2015 OPM data breach.

“The Department of Justice has declined to disclose publicly how the defendants in that case obtained the personally identifiable information (PII) of victims of the 2015 OPM data breach. I believe further details about how the defendants obtained the PII could be useful for the purposes of protecting victims of the breach from further criminal activity,” Connolly wrote. “I would like to ensure that OPM is receiving sufficient information from DOJ about this case and that the two agencies are collaborating in order to prevent further criminal use of the PII from the OPM data breach.”

“OPM and the broader public could benefit from more information about how the OPM data breach information is being obtained by criminals,” Connolly added. “It is my hope that OPM and its vendors for credit monitoring and identity theft protections services are engaging in a vigorous defense of breach victims and their sensitive personal information.”

The full letter follows and is available here.



June 26, 2018

The Honorable Jeff T.H. Pon
Director
Office of Personnel Management
1900 E Street, NW
Washington, DC 20415

Dear Director Pon,

I write to request a detailed summary of the actions taken by the Office of Personnel Management (OPM) in response to the first publicly disclosed case filed by the Department of Justice involving the criminal use of information illegally obtained through the 2015 OPM data breach.

The Department of Justice has declined to disclose publicly how the defendants in that case obtained the personally identifiable information (PII) of victims of the 2015 OPM data breach. I believe further details about how the defendants obtained the PII could be useful for the purposes of protecting victims of the breach from further criminal activity. I would like to ensure that OPM is receiving sufficient information from DOJ about this case and that the two agencies are collaborating in order to prevent further criminal use of the PII from the OPM data breach.

In one of the largest breaches of government data in our nation’s history, 22 million individuals had their PII stolen as a result of the OPM data breach. The stolen PII included the social security numbers and other sensitive information background investigation records for current, former, and prospective Federal employees and contractors. Congress has provided these individuals with free credit monitoring and identity theft protection services and tasked OPM with managing those services. OPM and the broader public could benefit from more information about how the OPM data breach information is being obtained by criminals.

Thank you for your immediate attention to this request. It is my hope that OPM and its vendors for credit monitoring and identity theft protections services are engaging in a vigorous defense of breach victims and their sensitive personal information. Please do not hesitate to reach out to my office if we can help OPM better serve breach victims.

Best Regards,

Gerald E. Connolly
Member of Congress
11th District, Virginia
f t # e

Office Locations