Office of Personnel Management Data Breach

[Huntn]

Recently I got a letter from the US Office of Personnel Management about a data breach that occurred last summer I think. I was concerned this might be a scam, did some research and it appears legit. I've got phishing protection on my browser, everything looked legit, checked a consumer protection site that said it was legit, and once logged in the site obviously had access to credit reports and for ID confirmation asked me about 10 questions, where I had to pick the correct answer, like the license tag of a car I currently own or a company I took a loan through in the last 10 years.

I'm now enrolled at a site called opm.myidcare.com. Apparently emails went out earlier, but as I am no longer competent to review all of my emails, I missed. it. Anyone else get this? Just curious.

 

[lowendlinux]

Recently I got a letter from the US Office of Personnel Management about a data breach that occurred last summer I think. I was concerned this might be a scam, did some research and it appears legit. I've got phishing protection on my browser, everything looked legit, checked a consumer protection site that said it was legit, and once logged in the site obviously had access to credit reports and for ID confirmation asked me about 10 questions, where I had to pick the correct answer, like the license tag of a car I currently own or a company I took a loan through in the last 10 years.

I'm now enrolled at a site called opm.myidcare.com. Apparently emails went out earlier, but as I am no longer competent to review all of my emails, I missed. it. Anyone else get this? Just curious.

Yes..the email and the letter but the email only came to my .mil address

 

[millerj123]

Yeah, that's a great lot of fun. I can neither confirm nor deny that I may or may not know persons who may or may not have received any of the aforementioned information. No email, but snail mail.

"give us all your information, and trust us that your data is safe"

I no longer answer either land line or cell phone if the originating number and/or caller id isn't visible. If it's important, they can leave a message. Most of them are scam sales when I look them up, and leave no message.

 

[lasloduncan]

that is a legit opm.gov (******** low bidder i imagine deal)-i got one filled it out then did a fraud altert on all three credit bureaus--you should too...one to experion will cause the other two to place the alert also--it last for 3 monthes then I will review and do a credit freeze if need be and rethink it ...check opm.gov --check wired.com as to why they are such a bunch of aholes

 

[flyingspur]

I received the letter too. Thought it was a scam. Did some research, nope. I also looked into the myidcare.com
and passed on that. I have put a freeze at all 4 credit bureau's. I also keep any info locked down pretty tight anyway.

Might want to keep an eye on Krebs on Security. Lots of good info there. http://krebsonsecurity.com/
In his search just type in OPM for more info.

 

[AlliFlowers]

Same here. I went ahead and signed up for it. Why not. My husband also got one - both of us due to separate reasons.

 

[Huntn]

I received the letter too. Thought it was a scam. Did some research, nope. I also looked into the myidcare.com
and passed on that. I have put a freeze at all 4 credit bureau's. I also keep any info locked down pretty tight anyway.

Might want to keep an eye on Krebs on Security. Lots of good info there. http://krebsonsecurity.com/
In his search just type in OPM for more info.

What have you frozen at all 4 credit bureau's? Thanks!

Instead of an email warning notification from myidcare.com, I'd prefer a text message, but they did not offer that. Does anyone know if google mail can be set up to send text notifications if an email comes from a particular site? If so is it complicated? Thanks!

Updated 1: Found this, I'll work on it and see what happens: http://techawakening.org/website-downtime-free-sms-alerts-google-docs/988/#smssetup
Updated 2: The "setup Google Calendar" part of that tutorial may be out of date, don't see a mobile setup there under settings.

 

[lowendlinux]

The part I hate about this the most has been the huge push of over the last decade to have everybody have a security clearance. I've had two re investigations OPM has so much data on me that it's unconscionable that it was really protected.

 

[aaronvan]

I'm now enrolled at a site called opm.myidcare.com. Apparently emails went out earlier, but as I am no longer competent to review all of my emails, I missed. it. Anyone else get this? Just curious.

I got the letter in the mail but never received an email about the site. Is it legit? I'd feel better if it was a .gov domain. Thanks for the info.

...

Agreed. Brian Krebs rocks. I also listen to this podcast.

 

[flyingspur]

What have you frozen at all 4 credit bureau's? Thanks!

Frozen access to my credit files/reports. A creditor can still report late payments but no trolling. So, if you
want to say finance a new auto, you tell them you have a freeze on and they need to tell you when they will
access your reports so you can thaw them. What bureau they will use. 72 hours is usually fine. Only 2 bureau's charged me $10 to freeze the other 2 free. Thawing is possibly another fee. But cheap insurance imo. My junk
snail mail has also decreased loads.

Might want to look at this. There are others on Krebs too on the OPM breach.
http://krebsonsecurity.com/2015/12/opm-breach-credit-monitoring-vs-freeze/

Experian Freeze https://www.experian.com/freeze/center.html
Equifax Freeze https://www.freeze.equifax.com/Freeze/jsp/SFF_PersonalIDInfo.jsp
TransUnion Freeze http://www.transunion.com/credit-freeze/place-credit-freeze
Innovis Freeze https://www.innovis.com/personal/securityFreeze

Hope that helps.

 

[lasloduncan]

thank you for the tips on resources