Over the next several weeks, millions of Americans will receive a letter from Office of Personnel Management (OPM) Acting Director Beth Cobert bearing the following message: “As you may know, the Office of Personnel Management (OPM) was the target of a malicious cyber intrusion carried out against the U.S. Government, which resulted in the theft of background investigation records. You are receiving this notification because we have determined that your Social Security Number and other personal information was included in the intrusion.”
Approximately 21.5 million people were impacted by last year’s OPM data breach, including 19.7 million security clearance applicants and 1.8 million of their relatives and associates. Stolen records include fingerprints, background investigation findings, and personal login information. The attack was one of the most extensive breaches of government data in U.S. history – but in this day and age, it is unlikely to be the last.
In order to learn more about the perspective of government employees on personal data breaches, Government Business Council conducted a flash poll on the following question:
GBC received responses from 186 federal, state, and local government employees. 71% indicated that they were concerned or very concerned about cyber breaches at their organization impacting their personal information. The results also reveal federal employees to be somewhat more anxious about compromised personal information: while 83% of federal respondents stated that they were concerned or very concerned about breaches, only 62% of state and local respondents expressed a similar degree of concern.
While federal employees are still reeling from the fallout of the OPM hacks, state and local employees are no less at risk when it comes to cyber incidents. In recent years, both South Carolina and Utah have been targeted by extensive attacks that compromised the data of millions of individuals and businesses. Looking ahead, organizations should focus on raising awareness and providing workforce training on secure online habits. Employees, in turn, should take care to integrate these practices into their online routine in order to better protect themselves and those around them from potential breaches.