OPM to Rebid Identity Theft Protection Contract Affecting Millions of Hack Victims
Eric Katz reports:
Millions of current and former federal employees could soon have a new company providing them with credit monitoring and identity theft protections, as the Office of Personnel Management plans to rebid a contract worth hundreds of millions of dollars.
The current contract, which OPM signed with ID Experts in the wake of two data breaches unveiled in 2015 that affected more than 20 million federal employees, retirees and their family members, is set to expire at the end of the year. OPM has already obligated the full $340 million value of that contract.
The agreement lasted only for three years, but Congress has since mandated that the hack victims receive 10 years of protections. According to an OPM spokesperson, the contract is being recompeted. If, as a result of that competitive solicitation, OPM chooses a vendor other than ID Experts, the agency has prepared a “six-month transition” that would last through July 1, 2019, the spokesperson said. If ID Experts is once again selected, then “there will be no change to the enrolled population.”
Read more on Government Executive.
And consider this statement at the end of the article:
There are no known, verified instances of OPM data being released to criminals.
Somehow, I do not find that reassuring. To the contrary, that makes me worry more about whose hands these data are in.