In April 2015, the Office of Personnel Management (OPM) became aware of a cybersecurity incident affecting its systems and data that may have compromised the personal information of current and former federal employees. (Incident #1)
OPM began conducting notifications to affected individuals using email and/or USPS First Class mail on June 8, 2015. Recognizing the inherent security concerns in this methodology, with OPM and CSID support, DoD suspended notifications to employees on June 11, 2015, until an improved, more secure notification and response process is in place. Late June 15, 2015, OPM advised that email notification resumed. Email notifications should be complete by June 22, 2015. U.S. Postal mail notifications will take longer.
For the latest DON OPM data breach information and updated DON OCHR FAQs, visit this site frequently.
In the course of the ongoing investigation into the cyber intrusion that compromised personnel records of current and former federal employees (announced June 4), it was discovered that additional OPM systems were compromised. These systems contain information related to background investigations. OPM, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) are working as part of an ongoing investigation to determine the number of people affected by this separate intrusion. OPM will notify those individuals whose information may have been compromised as soon as practicable. (Incident #2)
Since the investigation is on-going, additional exposures may come to light; if this occurs, OPM will conduct additional notifications as necessary.