OPM Updates Hack Info Website

Mark Van Scyoc/Shutterstock.com

Agency updates and streamlines FAQ on the incident and its response.

Editor’s Note: The original version of this article erroneously stated that the Office of Personnel Management  had acknowledged for the first time that the 2015 background check breach had potentially impacted tens of millions more people than had been originally disclosed. OPM had in fact previously published information on the wider impact of the breach. Nextgov regrets the error, and has updated the article below to remove the incorrect information.

The Office of Personnel Management has updated its website on the historic 2015 background check cybersecurity breach to make it easier for those affected to access information about the incident.

On Monday afternoon, an OPM official told Nextgov the agency clarified its cyber incident frequently asked questions page in response to questions received over the past year about the breach and the agency's handling of the situation.

"The website refresh was designed to streamline the content, make it more user-friendly and to include all of the progress our cybersecurity team has made to secure our systems over the last year," said OPM spokesman Michael Amato. "We have received a lot of feedback from impacted individuals and we updated the website to help better answer their questions."

In the 2015 incident, suspected Chinese cyberspies set their sights on forms submitted by Americans seeking clearance to handle classified information that, among other things, included details on their private lives.

Amato stressed that the number of people impacted whose Social Security numbers were compromised remains the same: 21.5 million. Other family members and close contacts of those victims also are affected because their names, addresses and other information was included on background investigation forms.

“In many cases, the information about these individuals is the same as information generally available in public forums, such as online directories or social media, and therefore the compromise of this information generally does not present the same level of risk of identity theft or other issues,” OPM’s FAQ states.

"We haven’t changed the number of people impacted by these incidents, or our definition of impacted," OPM spokesman Michael Amato said.