NextGov reports:
The Office of Personnel Management is not required to tell employees whether attackers who recently breached a human resources database saw their names.
The hackers, believed to be from China, apparently wanted files on staff who have applied for top-secret security clearances, The New York Times previously reported.
OPM and the Department of Homeland Security — the agency that oversees government cybersecurity — say there is no evidence yet the intruders compromised any “personally identifiable information.”
However, names alone are not normally considered personally identifiable information, according to OPM’s definition of PII.
The affected system, e-QIP, or Electronic Questionnaires for Investigations Processing, contains names and background history records entered by the applicants themselves.
Read more on NextGov.