WASHINGTON – In reaction to reported widespread failures by the government in responding to the massive data breach affecting federal workers, the American Federation of Government Employees, the largest union representing federal and D.C. government workers, today issued the following statement:
“The Obama administration must take immediate steps to rectify a series of failed responses to the massive data breach of millions of federal personnel records. The estimated 18 million people who have had their personal information stolen deserve more than evasive responses, inept customer service, and inadequate security measures.
“The Office of Personnel Management, whose databases were breached, has refused to answer simple questions about the extent of the breach or to respond to legitimate complaints from affected employees.
“Our concerns stem from OPM’s hasty decision to contract out its response efforts to a company that, according to published news reports, has little to no experience in credit monitoring.
“Many affected employees and retirees are outraged by what they say is an abysmal experience with CSID and Winvale: outdated or false personal information being provided on employees, a website that crashes repeatedly, and call center contractors who can only provide canned responses to Frequently Asked Questions – if employees can even get through.
“Security concerns about clicking on the link in the email to receive credit monitoring protection were so great that the Department of Defense ordered OPM to stop sending out the emails to its employees and blocked all access to the contractor’s website.
“Employees who have attempted to register for the credit monitoring service on the website tell the Washington Post they have been kicked out and then blocked from further attempts because of restrictions on the PIN code. Attempts to reach a live person through the toll-free number are just as frustrating. Employees have reported waiting on hold for an hour or longer; many simply give up before ever being connected.
“OPM has bungled the response to this data breach from the get-go, and the news just keeps getting worse by the day. We went from 4 million affected employees to as many as 14 million, and now at least 18 million, and OPM has refused to answer basic questions about the data that have been compromised.
“OPM must do far more for federal employees affected by the breach. First, hire federal employees to assist in its response to the breach rather than rely solely on a contractor that may not have the ability and expertise to handle the requests. Second, detail the scope of the breach and explain to employees exactly what information may have been compromised. Third, provide affected individuals with free lifetime credit monitoring. Since the breach may have been affecting them for a full year before being disclosed by OPM and will potentially affect them throughout their lives, the 18 months offered is completely inadequate. In addition, OPM should acknowledge its obligation to insure employees for the entirety of any loss attributable to the breach.”