DHS released a letter Jan. 3 describing a breach of the Office of the Inspector General that may impact 247,167 current and former federal employees employed by DHS in 2014. The breach may also impact individuals — including subjects, witnesses and complainants — associated with DHS OIG investigations from 2002 to 2014.
As part of an ongoing criminal investigation, the OIG’s office became award of the privacy incident back in May 2017 when they discovered an unauthorized copy of their investigative case management system in the possession of a former DHS OIG employee. The data impacted involved the release of personally identifiable information for DHS employees and subjects associated with OIG investigations.
The incident was not a “cyber attack” by external actors and the OIG’s office does not believe the personal information of compromised individuals was the primary target of the unauthorized exfiltration.
The department offered 18 months of free credit monitoring and identity protection services to the current and former employees; due to technological limitations, that offer was not extended to those impacted who were associated with an OIG investigation. They are encouraged to contact AllClearID at (855)260-2767 for information on credit monitoring and identity protection services.