
Will The Government Shred Your Contract After a Hack?

hfng/Shutterstock.com

Contractors are concerned they might lose government business for coming forward about suspected internal data breaches, after the unprecedented decision by two departments to halt contracts with a hacked background investigation firm.

It is believed the personal information of Department of Homeland Security employees likely was compromised when a suspected nation state penetrated a USIS corporate network. USIS conducts personnel investigations on behalf of many agencies, including the Office of Personnel Management. DHS and OPM temporarily ceased some jobs with USIS after the incident.

OPM did not pause work as a punishment, but rather as a way to protect federal employees until more details about the intrusion are known, agency officials told Nextgov on Friday. But officials said they do not host information with USIS on the same system DHS uses. 

DHS has issued stop work orders to temporarily halt activities that involve personal information, until the department can assess the full scope of the potential intrusion and repairs, Homeland Security officials told Nextgov.

Some lawmakers are calling for DHS to reassess contracts with other vendors.

Rep. Bennie Thompson, D-Miss., ranking Democrat on the House Committee on Homeland Security, in a statement, called on DHS "to evaluate its relationships with its contractors that hold sensitive data and ensure those companies have proper protections to mitigate an attack."

Today, contractors are not required to disclose all data compromises on their own systems to agency customers. Reporting typically is only necessary for breaches of classified information or Pentagon technical data and other so-called unclassified controlled technical information.

The contractor industry is watching the USIS situation for signs of new breach penalties.

"I believe contractors should be paying close attention to this case, particularly how quickly the contractor and government are able to work collaboratively to get back to meeting the mission need," said Roger Jordan, vice president of government relations at the Professional Services Council.

It is inevitable that, despite the best efforts of vendors and the government, breaches will occur, he added.

So it’s important for the government and the affected company to collaborate on sharing information and "take mitigating steps quickly to ensure they can return the focus to the mission needs being served under the contract," Jordan said.

Information technology contractors say they long have worried about losing business after a hack, despite following security protocols.

"There is always a concern that the government will take steps against a company when they have made an effort to comply with contractual requirements and those compliance efforts fail," said Trey Hodgkins, public sector senior vice president at the Information Technology Alliance for Public Sector.

New regulations dictate the government have physical access to machines and networks hit by attackers, in some circumstances. It can be a challenge "letting the government take control" of systems "where you may have multiple clients' information," Hodgkins said. "In many instances, these are global networks." 

USIS said in a statement Wednesday its own staff recently discovered the intrusion. "We immediately informed federal law enforcement, the Office of Personnel Management and other relevant federal agencies," company officials said.

USIS is working with OPM and DHS to shore up network protections and quickly resolve the problems, they added. USIS officials said they "look forward to resuming service on all our contracts with them as soon as possible." 

OPM is maintaining a separate contract with the company for support services, agency officials said Friday. Only work that involved sharing investigative information is on hold. The agency wants to make sure safeguards are in place and that the problem is contained before resuming that business relationship.

"Out of an abundance of caution, we are temporarily ceasing field investigative work with USIS," OPM Communications Director Jackie Koszczuk said in a statement. "To date, we have not been notified of any loss of personally identifiable information for OPM managed investigations."

OPM itself suffered a breach in March. Its customers -- other federal agencies -- still rely on the agency’s systems. The hackers, believed to be from China, apparently wanted files on staff who have applied for top-secret security clearances. Federal officials say there is no proof yet personal data was exposed.

USIS conducted checks on ex-National Security Agency contractor Edward Snowden and Navy Yard shooter Aaron Alexis.

Separate from the hacking incident, the company is being sued for allegedly filing incomplete investigations to drive up profits. 

