By Amaani Lyle
DoD News, Defense Media Activity
WASHINGTON, September 2, 2015 — U.S. Office of Personnel Management officials recently awarded to ID Experts a contract encompassing a comprehensive suite of identity theft and credit monitoring services for compromised victims, agency officials announced yesterday during a media conference call.
Beth Cobert, OPM’s acting director, said the most recent data breach was one of the largest cyber crimes ever carried out against the U.S. government and she pledged to provide impacted parties individualized notices about obtaining additional credit monitoring services at no cost.
All 21.5 million impacted individuals and their minor dependent children “are now covered for identity theft insurance and identity restoration services,” she said.
ID Theft, Fraud Protection Services
“Once notifications have been received,” Cobert added,” I hope people will take advantage of the comprehensive identity theft and fraud protection services we are providing to the victims of these crimes.”
These notifications, she said, will begin by the end of September and continue over the following weeks.
Navy Rear Adm. Allie Coetzee, DoD’s principal deputy for defense procurement and acquisition, said the contract immediately covers individuals with $1 million in insurance, as well as restoration services in cases following discovery of further compromise to information or identity.
“Individuals who elect to can sign up for three years of credit monitoring and identity theft protection through contractor services,” Coetzee said.
OPM has partnered with experts across government to take significant strides in securing IT systems and guarding against future attacks, the admiral explained.
“OPM is … committed to helping those whose personal information was stolen by providing them with high-quality identity theft and credit protection services free of charge,” she said.
Colbert noted that due to the nature of breached information, OPM offers individuals the option to enroll their minor dependent children for credit monitoring and other services.
Commitment to Protect Information
OPM’s acting director noted that she has a personal stake in the matter as part of OPM’s commitment to protecting the security federal employees and contractors’ information.
“As one of the millions of people who had their own personal information stolen, I completely understand and share the concern and frustration people are feeling,” she said. “I’m sorry about the concern this breach has caused and want to assure everyone impacted that we are doing all in our power to support those individuals victimized by this cybercrime.”
Cobert praised the collaboration between the U.S. General Services Administration and the Defense Department in the development and execution of the contract.
“DOD in particular is best positioned to deliver the quality and volume of support to these cybercrime victims,” she said.
VIEW THE PRESS RELEASE FROM OPM
FOR IMMEDIATE RELEASE
Tuesday, September 01, 2015
OPM, DoD Announce Identity Theft Protection and Credit Monitoring Contract
Victims of Cybercrime to Receive Three Years of Services
WASHINGTON, D.C. – The U.S. Office of Personnel Management (OPM) and the U.S. Department of Defense (DoD) today announced the award of a $133,263,550 contract to Identity Theft Guard Solutions LLC, doing business as ID Experts, for identity theft protection services for 21.5 million individuals whose personal information was stolen in one of the largest cybercrimes ever carried out against the United States Government. These services will be provided at no cost to the victims whose sensitive information, including Social Security numbers, were compromised in the cyber incident involving background investigations.
“We remain fully committed to assisting the victims of these serious cybercrimes and to taking every step possible to prevent the theft of sensitive data in the future,” said Beth Cobert, Acting Director of the Office of Personnel Management. “Millions of individuals, through no fault of their own, had their personal information stolen and we’re committed to standing by them, supporting them, and protecting them against further victimization. And as someone whose own information was stolen, I completely understand the concern and frustration people are feeling.”
ID Experts will provide all impacted individuals and their dependent minor children (under the age of 18 as of July 1, 2015) with credit monitoring, identity monitoring, identity theft insurance, and identity restoration services for a period of three years. This task order was awarded under GSA’s Blanket Purchase Agreements (BPA) for Identity Monitoring, Data Breach Response and Protection Services which GSA awarded today.
The U.S. Government, through the Department of Defense, will notify those impacted beginning later this month and continue over the next several weeks. Notifications will be sent directly to impacted individuals.
For more information, or to sign up for email alerts, please visit https://www.opm.gov/cybersecurity.
OPM has previously issued the following guidance to affected individuals:
- Monitor financial account statements and immediately report any suspicious or unusual activity to financial institutions.
- Request a free credit report at www.AnnualCreditReport.com or by calling 1-877-322-8228. Consumers are entitled by law to one free credit report per year from each of the three major credit bureaus – Equifax®, Experian®, and TransUnion® – for a total of three reports every year. Contact information for the credit bureaus can be found on the Federal Trade Commission (FTC) website, www.ftc.gov.
- Review resources provided on the FTC identity theft website, www.ftc.gov/idtheft. The FTC maintains a variety of consumer publications providing comprehensive information on computer intrusions and identity theft.
- You may place a fraud alert on your credit file to let creditors know to contact you before opening a new account in your name. Simply call TransUnion® at 1-800-680-7289 to place this alert. TransUnion® will then notify the other two credit bureaus on your behalf.
How to avoid being a victim:
- Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Do not send sensitive information over the Internet before checking a website’s security (for more information, see Protecting Your Privacy, http://www.us-cert.gov/ncas/tips/ST04-013).
- Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org).
- Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic (for more information, see Understanding Firewalls, http://www.us-cert.gov/ncas/tips/ST04-004; Understanding Anti-Virus Software, http://www.us-cert.gov/ncas/tips/ST04-005; and Reducing Spam, http://www.us-cert.gov/ncas/tips/ST04-007).
- Take advantage of any anti-phishing features offered by your email client and web browser.
Affected individuals can obtain additional information about the steps they can take to avoid identity theft from the following agencies. The FTC also encourages those who discover that their information has been misused to file a complaint with them.
For California Residents:
Visit the California Office of Privacy|Protection (www.privacy.ca.gov) for additional information on protection against identity theft.
For Kentucky Residents:
Office of the Attorney General of Kentucky
700 Capitol Avenue, Suite 118
Frankfort, Kentucky 40601
For Maryland Residents:
Office of the Attorney General of Maryland
Consumer Protection Division
200 St. Paul Place
Baltimore, MD 21202
For North Carolina Residents:
Office of the Attorney General of North Carolina
9001 Mail Service Center
Raleigh, NC 27699-9001
For all other US Residents:
Identity Theft Clearinghouse
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580