21 Million SSNs Hacked: Here’s What To Do
The U.S. Office of Personnel Management or OPM announced on July 9 that 21.5 million Social Security Numbers of individuals were stolen from background investigation databases. This includes 19.7 million individuals that applied for a background investigation and 1.8 million non-applicants including spouses or co-habitants of applicants. Individual information obtained from interviews conducted by background investigators, including 1.1 million fingerprints, are believed to also be compromised.
The OPM said there are no indications at this time that the hacked information was already maliciously used. Nevertheless, the office has also announced guidelines for those who are impacted of the breach.
Who are affected?
Individuals who underwent a background investigation through OPM in 2000 or afterwards are the ones most likely impacted by the hack. These individuals who underwent a background investigation prior to 2000 still may be impacted, “but is less likely.”
Spouses or co-habitants, including children, of these individuals whose name, address, date of birth, or other similar information which may have been listed on a background investigation form, may also be affected by the breach.
Essentially, individuals currently or formerly a Federal government employee, member of the Military or Veteran, current or former federal contractor, a job candidate required to complete a background investigation before start date and any of these individuals’ spouse, co-habitant, minor child and close contacts, are in the highest risk of being affected by the crisis.
What to do?
OPM will begin to send notification packages for all individuals affected by the hack. Those individuals who underwent a background investigation through OPM in 2000 and onwards are highly advised to wait for these packages. These packages will provide details on the incident and information on how to access these services.
“We will begin to notify people affected by the background investigation incident in the coming weeks. At that time, you will be auto-enrolled in some services and will need to take action to enroll in others,” the OPM said.
(You might be interested: Revealed: Hacking Team And US Government Love Affair)
While OPM is still in the process of setting up websites and a call center to handle the crisis, anyone who are concerned about their information are advised to visit IdentityTheft.gov and the National Counterintelligence and Security Center or NCSC at http://www.ncsc.gov.
Anyone who wants to learn about online safety best practices can visit Onguardonline.gov. Those who are concerned about their children’s identity being stolen are advised to visit the Federal Trade Commission information and resources.
Everyone is also highly advised to change their passwords immediately. Do not to click on suspicious links that may suddenly be received via email and never give out personal information through these links. Take note that legitimate organizations never ask for sensitive information through texts, pop-up messages or email.
There may also be people who may call and pretend to be from government or a business to lure people of giving out their sensitive information. If a caller asks for your information, call back using a number you know to be legitimate.