Phishing schemes mimic OPM breach notifications

Phishing schemes mimic OPM breach notifications

It was probably inevitable:  The millions of Americans whose personal information may have been stolen from Office of Personnel Management databases must now worry about scammers trying to capitalize on the government's response to that breach.

A June 30 alert from the U.S. Computer Emergency Readiness Team warned that "US-CERT is aware of phishing campaigns masquerading as emails from [OPM] or the identity protection firm CSID." After the breach was disclosed on June 4, OPM contracted with CSID to notify affected personnel and promised free credit monitoring for those whose records were compromised.

US-CERT did not offer specific examples of the fake emails, but did urge recipients to report any suspicious messages.   The agency also reminded individuals that "the legitimate domain used for accessing identity protection services is"

The breaches of OPM data are believed to have affected current and former federal employees, recent applicants for federal jobs, some industry contractors and -- thanks to the details demanded on the Standard Form 86 used for security clearances -- a wide range of applicants' family members, friends and acquaintances.  OPM has not specified the number of individuals believed to be affected, but estimates have ranged from 4 million to upwards of 14 million.   

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected