{"id":60482,"date":"2015-06-20T10:05:43","date_gmt":"2015-06-20T14:05:43","guid":{"rendered":"http:\/\/valorguardians.com\/blog\/?p=60482"},"modified":"2015-06-20T10:07:07","modified_gmt":"2015-06-20T14:07:07","slug":"opm-handed-employee-data-to-chinesevenezuela","status":"publish","type":"post","link":"https:\/\/www.azuse.cloud\/?p=60482","title":{"rendered":"OPM handed employee data to Chinese\/Venezuela"},"content":{"rendered":"<p><center><a href=\"https:\/\/www.azuse.cloud\/?attachment_id=60483\" rel=\"attachment wp-att-60483\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.azuse.cloud\/wp-content\/uploads\/2015\/06\/Andy-Ozment-300x169.jpg\" alt=\"Andy-Ozment\" width=\"300\" height=\"169\" class=\"alignnone size-medium wp-image-60483\" srcset=\"https:\/\/www.azuse.cloud\/wp-content\/uploads\/2015\/06\/Andy-Ozment-300x169.jpg 300w, https:\/\/www.azuse.cloud\/wp-content\/uploads\/2015\/06\/Andy-Ozment-500x281.jpg 500w, https:\/\/www.azuse.cloud\/wp-content\/uploads\/2015\/06\/Andy-Ozment.jpg 1280w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/center><\/p>\n<p>I got my promised email the other day notifying me that my PII was part of the data that the Office of Personnel Management lost to Chinese &#8220;hackers&#8221;. The solution was an email to the same address that the Chinese now has and it included a link that I was supposed to click and then enter my PII on another website, you know, so that someone else would have the opportunity to lose my information, you know someone that hasn&#8217;t had an opportunity to lose it yet, after the Department of Defense, the Veterans&#8217; Affairs Department and now OPM had all lost control of it. This last time it might be worse, though &#8211; if they lost control of my application for my security clearance, they also got a hold of all my friends and family information, as well.<\/p>\n<p>So, how did that happen? According to <a href=\"http:\/\/www.businessinsider.com\/the-us-agency-plundered-by-chinese-hackers-made-one-of-the-dumbest-security-moves-possible-2015-6#ixzz3dRscb8Z9\">Business Insider<\/a>, the Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment told the House Oversight and Government Reform Committee that the systems administrator for the information &#8220;was in Argentina and his co-worker was physically located in the [People&#8217;s Republic of China].&#8221;<\/p>\n<p>From <a href=\"http:\/\/arstechnica.com\/security\/2015\/06\/encryption-would-not-have-helped-at-opm-says-dhs-official\/\">Ars Technica<\/a>;<\/p>\n<blockquote><p>But even if the systems had been encrypted, it likely wouldn&#8217;t have mattered. Department of Homeland Security Assistant Secretary for Cybersecurity Dr. Andy Ozment testified that encryption would &#8220;not have helped in this case&#8221; because the attackers had gained valid user credentials to the systems that they attacked\u2014likely through social engineering. And because of the lack of multifactor authentication on these systems, the attackers would have been able to use those credentials at will to access systems from within and potentially even from outside the network.<\/p><\/blockquote>\n<p>Oh, by the way, the email that I got from OPM contained this disclaimer; &#8220;nothing in this letter should be construed as OPM or the U.S. Government accepting liability for any of the matters covered by this letter&#8221;.<\/p>\n<p>That&#8217;s how I knew it was from the government and that they were there to help me. <\/p>\n<p>Needless to say, I&#8217;ll just stick with my own subscription to Lifelock, I&#8217;ve had enough of the government&#8217;s solutions for my security. Did I mention that the breech happened months ago and lasted for months? That this latest breech is like closing the barn doors after the horses already ran all the way to China.<\/p>\n<p>Thanks to Bobo for the link to BI.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I got my promised email the other day notifying me that my PII was part of &hellip; <a title=\"OPM handed employee data to Chinese\/Venezuela\" class=\"hm-read-more\" href=\"https:\/\/www.azuse.cloud\/?p=60482\"><span class=\"screen-reader-text\">OPM handed employee data to Chinese\/Venezuela<\/span>Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":60483,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[177],"tags":[],"class_list":["post-60482","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dumbass-bullshit"],"_links":{"self":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/60482","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=60482"}],"version-history":[{"count":0,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/posts\/60482\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=\/wp\/v2\/media\/60483"}],"wp:attachment":[{"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=60482"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=60482"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.azuse.cloud\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=60482"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}