The Office of Personnel Management (OPM) has released an in-depth analysis and the severity of two breaches that the department has had. Although we have briefly covered the OPM data breach, regarding the 4 million federal employees affected by the breach, there is new information, which portrays a much larger and widespread effect.
“The team has now concluded with high confidence that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases; this includes 19.7 million individuals that applied for a background investigation and 1.8 million non-applicants, predominantly spouses or co-habitants of applicants, the OPM website stated. “As noted above, some records also include findings from interviews conducted by background investigators and approximately 1.1 million include fingerprints.”
As a result, OPM has created a cyber security plan, a cyber security resource page on their website, will be establishing a call center and more. The OPM incident shows that any entity with personally identifying data can hold value to a fraudster. Therefore, it is important for all businesses from small to Fortune 500 companies to be proactive in their cyber security initiatives, instead of waiting to be reactive.
Now OPM has to implement all of these additional items that could have been created pre-breach and may have prevented the breach or decreased the damage. OPM’s new cyber security plan includes improvements that vary from implementing two-factor authentication to using standard modern operating systems and educating staff about policies and procedures.
An effective way to increase cyber security and protect customers against fraudsters is to have a cyber security plan. While EVS’ offers multiple solutions that help with various aspects of safeguarding a company, it is the business’ responsibility to affirm that their electronic devices are up to date. Along with incorporating EVS’ products and assuring that technology is current, companies need to educate themselves on best cyber security practices. Through these security measures, businesses can better protect the data they store proactively, instead of as reactivity.