Cybersecurity

OPM awards $133 million ID protection contract

padlocked keyboard

The Office of Personnel Management and the Defense Department have awarded a $133 million contract to Identity Theft Guard Solutions LLC to protect the 21.5 million current and former federal employees, contractors and others affected by the heist of OPM background check data.

The firm, which is doing business under the name ID Experts, will provide victims of the hack (and their minor dependents) with credit and identity monitoring, “identity theft insurance” and identity restoration services for three years. The task order came under a set of blanket purchase agreements that the General Services Administration awarded Sept. 1.

The government will begin notifying victims of the background data breach about how they can sign up for identity and credit monitoring services at the end of this month and over subsequent weeks. On a Sept. 1 conference call with reporters, OPM Acting Director Beth Cobert attributed the delay to erring on the safe side, to ensure “that in the context of the notifications, we don’t create any more national security issues than we have through the data that was stolen.”

CSID, a Texas-based security, identify protection and fraud detection firm, has been contracted by OPM to handle identity theft protection for the 4.2 million current and former employees whose personal data was compromised in an initial breach.

Hackers were able to infiltrate OPM networks via a contractor, KeyPoint Government Solutions, but officials said measures had been taken to prevent a repeat of that with the new contractor. An interagency group helped draw up “stringent” security requirements for data that the contractor will hold, Rear Adm. Althea Coetzee, principal deputy for defense procurement and acquisition policy at DOD, told reporters.

Director of National Intelligence James Clapper has singled out China as a prime suspect in the breach. When asked why so much money is being invested in identity theft protection when the hack was reportedly for espionage purposes rather than identity theft, Cobert said the interagency task group made that recommendation.

When asked if she was confident the hackers had been expelled from OPM networks, Cobert said investigators have “found no indication of adversary activity at this time.” A detailed timeline of the hack and the government’s response, obtained exclusively by FCW, can be found here.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.