OPM breach notification center live, but not yet open to the public

Cyber breach victims who haven't yet received a notification letter from the Office of Personnel Management can visit a verification center in the next few week...

The 21.5 million victims of the Office of Personnel Management’s cyber breach who haven’t yet received a notification letter from OPM will have access to a new  online verification system in the next few weeks.

Though OPM said the site is live, it isn’t available for the public to use just yet. Once the link is made available, victims can securely enter their personal information online to learn more about what identity protection services are available to them.

“We’re testing it internally with a select group of people to make sure everything is working properly,” OPM spokesman Sam Schumach told Federal News Radio.

NextGov first reported the “soft launch” of OPM’s verification site.

OPM plans to fully launch the verification site in the next couple weeks, after the agency sends out more notification letters to breach victims.

“We want to wait to get the bulk of the letters mailed to do that,” acting OPM Director Beth Cobert said during a Nov. 10 Chief Human Capital Officer’s Council meeting. “We’re going to be doing that again in a way that focuses on the security of the process, given the sensitivity of the population, given the data that was affected in the breach.”

OPM is sending out about 800,000 letters daily through the U.S. Postal Service, Schumach said. The goal is to have all breach notification letters sent by the first or second week of December.

As of Nov. 23, OPM has sent about 13.5 million notification letters, an OPM spokesperson told Federal News Radio.

Cobert said the agency is sending out more letters at a faster pace now, as it begins to find and update mailing addresses for breach victims.

The verification system may be particularly helpful to those who have gotten a letter from OPM but whose family members have not.

“As someone whose data was taken in the breach, I have actually now gotten my letter,” Cobert said Nov. 10. “The letters are being mailed in a randomized order, so my spouse has not received his yet. So in case one of you has gotten yours and your spouse hasn’t, that is actually normal.”

The agency hasn’t yet finalized its plan for rolling out the verification center, Schumach said. But it will include a link and phone number for the center on the agency’s cybersecurity information page.

The Defense Information Systems Agency awarded a $1.8 million contract to Advanced Onion, Inc. in September to build the online notification center for OPM, as well as a system that tracks notification letters that have bounced back.

Read all of Federal News Radio’s coverage of the OPM Cyber Breach.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    Amelia Brust/Federal News NetworkFederal Acquisition, GSA

    DISA to set up notification tools for OPM cyber breach victims

    Read more
    Amelia Brust/Federal News NetworkFederal Acquisition, GSA

    Months after OPM hack, officials begin notifying victims

    Read more