This article has been updated.
The Office of Personnel Management announced Thursday that next week it would begin sending 4 million current and former federal employees notifications that their personal information has been breached in a massive hacking incident that investigators discovered in April.
In an announcement posted on its website, OPM said that beginning June 8 and continuing through June 19, the agency will send notifications to the millions of people whose personal data was compromised in the breach.
“The email will come from firstname.lastname@example.org and it will contain information regarding credit monitoring and identity theft protection services being provided to those federal employees impacted by the data breach,” OPM said in the announcement.
OPM said it would send letters by standard U.S. mail to people for whom the agency does not have email addresses on file.
OPM will offer the 4 million people whose data was potentially exposed free credit monitoring services and identity theft insurance with CSID, a private firm. OPM said employees and retirees would receive 18-month memberships that include “credit report access, credit monitoring, identity theft insurance and recovery services.”
OPM’s Thursday announcement include tips for employees on monitoring their identities and financial protection.
The malicious activity discovered in April marks the fourth network intrusion of an organization holding sensitive records on personnel with possible access to classified information. OPM alone has been attacked by hackers twice during the past year.
Federal officials told the Washington Post that the breach was the work of hackers acting on behalf of China. The intruders gained access to "employees’ Social Security numbers, job assignments, performance ratings and training information," the Post reported.
“Protecting our federal employee data from malicious cyber incidents is of the highest priority at OPM,” said agency director Katherine Archuleta in a statement. “We take very seriously our responsibility to secure the information stored in our systems, and in coordination with our agency partners, our experienced team is constantly identifying opportunities to further protect the data with which we are entrusted.”
National Treasury Employees Union President Colleen Kelley issued a statement saying the organization was "very concerned" about the breach. "It is vital to know as soon as possible the extent to which, if any, personal information may have been obtained so that affected employees can be notified promptly and encouraged to take all possible steps to protect themselves from financial or other risks," Kelley said.