Oops.
Jana Winter reports:
Last month, in the wake of a series of massive breaches at the federal Office of Personnel Management, the Army issued a bulletin warning that some victims were being hit by hackers a second time, this time with an email phishing campaign asking them to input personal information into a third-party website to receive credit monitoring.
Except it turns out the email in question was completely legitimate. It was sent en masse by the OPM contractor providing notification and credit-monitoring services to the agency’s hacking victims.
Read more on The Intercept.