In June 2015, the United States Office of Personnel Management (or OPM) suffered one of the most substantial confidential data breaches in history. For those unfamiliar with the breach, the OPM is an independent agency that acts as a sort of human resources department for the federal government. Per their official website, “OPM works in several broad categories to recruit, retain, and honor a world-class workforce for the American people.” Some of the agency’s duties include posting government jobs announcements online, running background checks for prospective employees, managing pensions for retired federal workers, and other responsibilities related to American civil service.
The Background of the OPM Data Breach
As a result of these HR-like responsibilities, OPM maintains a filing system that includes a slew of sensitive, confidential information related to government employees. The OPM data breach saw much of this confidential data accessed and stolen from the agency’s computer system. According to CNN, the breach compromised the data of some 21.5 million people—including social security numbers, addresses, work and educational history, criminal and financial history, and even fingerprints.
Most of the data stolen in the OPM security breach was directly related to government employees or individuals who had applied for government jobs. However, since the government also requires applicants or employees to disclose information regarding their spouses, partners, immediate family members, or business acquaintances, individuals outside of the government’s civil service wing were also affected.
Attribution of Responsibility
Unsurprisingly, the OPM data breach has been labeled as one of the largest and most notable instances of cyber crime in history. Also unsurprising is the fact that the security breach has led to several instances of finger pointing—both within the United States government and from the media.
In terms of concrete responsibility, government officials have indicated that Chinese hackers were likely the perpetrators behind the breach. Numerous media sources—including the Wall Street Journal and the Washington Post—have reported that the US government attributed blame for the attacks to the Chinese government. China’s government, of course, has denied sponsoring the attacks and it’s possible that the hackers were not affiliated with the Chinese government.
At home, American politicians have used the data breach as a reason to criticize the Office of Personnel Management for failing to identify security flaws and adequately protect sensitive employee and applicant information. Katherine Archuleta, the former director of the OPM, was a particularly large target for criticism, with some politicians blaming the entire security breach on her negligence. Archuleta eventually resigned from her position as OPM director.
John Boehner, the former speaker of the United States House of Representatives, even put some of the blame on the Obama presidency, saying that “It has taken this administration entirely too long to come to grips with the magnitude of this security breach—a breach that experts agree was entirely foreseeable.” Boehner went on to say that America’s servicemen and women “need to be able to trust that the government can keep their personal information safe and secure.”
The Consequences of the Security Breach
Regardless of where the blame lies for the OPM data breach, there is no doubt that this particular instance of cyber crime has a far-reaching (but not entirely predictable) set of consequences. The most pressing worry early on was that the stolen OPM documents and data could be used for purposes of “political espionage.” Specifically, government officials feared that foreign governments or terrorist groups might use the information to identify United States spies.
According to the Washington Post, the CIA even pulled a number of officers from the Chinese embassy following the security breach. The move was a “precautionary measure” meant to prevent those officers from being flagged as spies by the Chinese government.
The OPM data breach also briefly affected many US government branches and agencies when the Office of Personnel Management temporarily shut down the online system it uses to conduct background checks. According to the website Government Technology, the OPM decided to shut down the background check system to “patch vulnerabilities.” Unfortunately, the shutdown made it briefly impossible for other government branches to run background checks and staff projects, which created numerous deadline issues across the federal government. One such delay affected the maintenance of Navy fleets.
What the Data Breach Means for You
Unless you work for the government or have a family member or close business partner who does, the chances are that your personal data was not compromised by the OPM security breach. What the breach should prove to everyone, though—from government agencies to private businesses—is how important it is to have strong security measures in place to protect sensitive data.
The benefits of having a digital filing system are plentiful for any business—whether you store your files on an on-site server or to the Cloud. Being able to pull up personnel files or key project documents right on your computer screen is far more convenient and time conscious than digging around in a filing cabinet looking for the right folder. Unfortunately, digital documents have one disadvantage that paper files never did: they can be hacked.
As a result, it is important to be vigilant about keeping your digital filing system safe and secure. The best way to ensure this kind of peace of mind is to utilize DMS (document management software) with advanced security features. eFileCabinet offers 256-bit AES encryption on files, both in-transit and at rest, and controlling file access with user-based permissions. We help keep healthcare organizations compliant with the stringent document management guidelines laid forth by HIPAA and are also compliant with the SEC and FINRA.
The bottom line is that eFileCabinet provides the type of safe digital filing system that you need to keep your company and personnel data secure at all times. Let us help you stave off cyber crime and keep your data confidential. If you are interested in getting a 15-minute preview of what the software looks like in action, click the “Free Demo” tab at the left of the screen.