There’s a lot of spluttering and public statements in response to today’s revised figures by OPM on their massive breach, but I think Senator Collins nails it. From her office:
WASHINGTON, D.C.— Following the completion of its internal damage assessment, the Office of Personnel Management (OPM) announced today that the personal information of at least 21.5 million individuals was compromised in the recent cyber attack at OPM. This number of affected individuals is more than five times the amount that OPM originally stated. In response to these reports, Senator Collins released the following statement:
“It is outrageous that the personal information of at least 21.5 million individuals has been compromised as a result of an extensive cyber-attack at the Office of Personnel Management (OPM). Despite knowing that its files contained highly sensitive personal data such as Social Security numbers, home addresses, dates of birth, and in some cases, extensive background information, OPM officials ignored repeated warnings from its own Inspector General about the vulnerability of its computer systems.
“It is also unacceptable that OPM officials for weeks maintained that only 4.2 million Americans were affected, disputing the FBI’s assertion that the real number was 18 million. Today, we finally learn from OPM that the accurate number is many times the 4.2 million and even higher than that initially estimated by the FBI. In the latest statement, OPM officials implausibly assert that ‘There is no information at this time to suggest any misuse or further dissemination of the information that was stolen from OPM’s systems.’ That incredible statement, which implies that the perpetrators of this lengthy and extensive attack have no intention of using the stolen data, suggests that OPM has yet to come to grips with the gravity of this cyber-attack.”