OPM’s $20M contract for ID theft protection violated federal rules

Can OPM do anything right?

In this week’s installment of their totally infuriating breach and breach response saga, it appears that they didn’t follow proper procedures in awarding a contract for ID theft monitoring services for breach victims. Jack Moore reports:

The in­spect­or gen­er­al of the Of­fice of Per­son­nel Man­age­ment says a $20 mil­lion sole-source con­tract to of­fer iden­tity-theft pro­tec­tion to mil­lions of hacked fed­er­al em­ploy­ees ran afoul of con­tract­ing reg­u­la­tions.

Of­fi­cials in OPM’s Of­fice of Pro­cure­ment Op­er­a­tions vi­ol­ated the Fed­er­al Ac­quis­i­tion Reg­u­la­tion and the agency’s own policies in award­ing a $20.7 mil­lion con­tract to provide cred­it-mon­it­or­ing and ID-theft ser­vices, ac­cord­ing to a sum­mary of IG find­ings in­cluded in an Oct. 30 memo to act­ing OPM Dir­ect­or Beth Cobert.

Read more on National Journal.