Click here to skip navigation
An official website of the United States Government.
Skip Navigation

In This Section

Our Director Director's Blog

Cybersecurity

At this critical time as OPM and its government-wide partners work to strengthen the Federal Government’s cybersecurity posture, I’m excited to once again answer the call to public service.

Photo of Clifton Triplett with white background. Headline: CLIFTON TRIPLETT. Subhead: OPM SENIOR CYBER AND ITS ADVISOR.Let me tell you a little bit about myself. I began my cybersecurity work as an officer in the U.S. Army Signal Corps after graduating from the United States Military Academy at West Point.

After my military career, I continued my IT security work in civilian life, working with some of America’s largest companies and industry leaders in telecommunications, oil field services, tractor, automotive, and aerospace industries. Before accepting Acting Director Cobert’s request that I return to serving the American people, I was a managing partner at SteelPointe Partners, a global management consulting company.

As OPM’s new Senior Cyber and Information Technology Advisor, I am committed to working in collaboration with the talented team at this agency, our partners across government, and our stakeholders to continue efforts to strengthen our cybersecurity posture and provide assistance to those affected by the recent cybersecurity intrusions.

All of us have an important role to play in securing our systems and protecting our information, and I am looking forward to supporting these critical efforts across the Federal Government.

I am eager to help support OPM’s ongoing response to the cybersecurity incidents, complete the development of OPM’s IT infrastructure improvement project, which will help further guard against and mitigate future incidents, and provide recommendations to Acting Director Cobert for further measures we can take. I believe we can best secure the agency’s IT architecture by leveraging the talent and resources of this agency along with those who have been supporting us across the Federal Government and the private sector.  We cannot define and provide the best solutions alone.

OPM, in partnership with other organizations such as DHS and the FBI, has identified many positive actions to enhance the security posture of the agency, and several of those have been completed or are near completion.

Two-factor “strong-authentication” for all of our users within the agency was a major effort that is now completed. We have also expanded continuous monitoring of all our systems, and deployed additional advanced network security technologies. These actions have significantly improved our perimeter and internal security controls. I look forward to continuing down this path of progress as we work on additional opportunities to enhance the security and performance of our systems.

I look forward to continuing OPM’s commitment and relentless dedication to protecting its valuable IT systems and information. I appreciate Acting Director Cobert and her team’s confidence in my ability to make a contribution to this important work.

Together, I know we will continue to provide a comprehensive response to the cybersecurity intrusions into OPM’s systems, and continue to develop OPM’s IT infrastructure, thereby serving the needs of OPM’s customers and protecting the safety and security of its data

Clifton Triplett is the Senior Cyber and Information Technology Advisor at the U.S. Office of Personnel Management. 


Yesterday, we began mailing notification letters to the individuals whose personal information was stolen in a malicious cyber intrusion carried out against the Federal Government. Impacted individuals will be notified by OPM via U.S. Postal Service mail. Email will not be used.      

The letters being mailed to those affected by this incident will describe the comprehensive suite of identity theft protection and credit monitoring services that will be provided for at least three years, at no cost, to impacted individuals and to their dependent minor children. An impacted individual is someone whose personal information, including Social Security Number, was stolen.

As we have noted before, those impacted by this breach are already automatically covered by identity theft insurance and identity restoration services. However, the Federal Government is providing additional services that impacted individuals are encouraged to enroll in, free of charge.

The notices will contain a personalized identification number (PIN) number which is necessary to enroll in the covered services. Please note that neither OPM, nor anyone acting on OPM’s behalf, will contact you to confirm any personal information. If you are contacted by anyone asking for your personal information in relation to compromised data or credit monitoring services, do not provide it.

As you know, a very large number of people were impacted by this breach, and the nature of the information involved has national security implications as well. OPM and the Department of Defense have continued to analyze the impacted data to verify its quality and completeness, and in this process, we determined that approximately 5.6 million of the impacted individuals had their fingerprints stolen. If an individual’s fingerprints were taken, this will be noted in their letter. 

While Federal experts believe that, as of now, the ability to misuse fingerprint data is limited, an interagency working group with expertise in this area will review the potential ways adversaries could misuse fingerprint data now, and in the future. This group will also seek to develop potential ways to prevent such misuse. If in the future, new means are developed to misuse the fingerprint data, the government will provide additional information to individuals whose fingerprints may have been stolen in this breach.

All of these factors make it important that we take the time necessary to make sure the notification process is carried out carefully. We’re committed to getting this right. What this means is that, while the notifications are beginning this week, it could take considerable time to deliver them all. 

I understand that many of you are frustrated and concerned, and would like to receive this information soon. My personal data was also stolen in this breach, and I am eager to get my notification letter as soon as possible so that I can sign up for these services. However, given the sensitive nature of the database that was breached – and the sheer volume of people affected – we are all going to have to be patient throughout this notification process.

In the meantime, please check OPM’s online cybersecurity resource center at www.opm.gov/cybersecurity for updates and additional information. This website has valuable suggestions about how to reduce the risk of becoming a victim of cybercrime, has answers to many frequently asked questions, and allows you to sign up for automatic updates. We are continually refreshing the site and will continue to do so as this process unfolds.

OPM and our partners across government are working hard to protect the safety and security of the information of Federal employees, contractors and others who entrust their information to us.

Together with our interagency partners, OPM is committed to delivering high quality identity protection services to the Federal community. We will continue to update you as this process continues. Thank you for your patience, your service to the American people, and your continuing support.

Graphic along with blue background. Filling most the page is the OPM LOGO. Headline: GET PROTECTE. STAY INFORMED. Subhead: CYBERSECURITY RESOURCE CENTER.

One of the many ways that the Office of Personnel Management helps agencies find the top talent they need to serve the American people is through the Presidential Management Fellows, our flagship leadership development program. Last week, we held our annual job fair that gives PMF finalists a chance to connect face-to-face with agency officials.

The PMF Class of 2015 is 600 strong – with 91 of the finalists taking part in our new Science, Technology, Engineering and Math (STEM) track. More than 65 agencies sent representatives to the event, held at the National Institutes of Health in Bethesda, Maryland. Kicking off the fair on Thursday, I congratulated these impressive finalists for taking the first step in their journey to becoming leaders in the Federal Government.

Not only were our finalists able to meet with agency representatives, they attended informational sessions that gave them a good grounding in the agencies’ missions and goals for the future. The finalists networked and developed contacts at the agencies.

OPM’s talented PMF staff will support these finalists as they continue their search for a fellowship. It’s very rewarding for us at OPM to help agencies recruit talented individuals who share a purpose-driven mission to serve this great country over the course of their professional careers.

The President today issued an executive order designed to further help the Federal Government attract the brightest minds in technology or innovation to work on some of the nation’s most pressing challenges. The order makes permanent the Presidential Innovation Fellows Program, which brings executives, entrepreneurs, technologists, and other innovators into government, and teams them up with Federal employees to improve programs that serve more than 150 million Americans. I’m proud to say that OPM had a role in developing this novel program, and I’m happy to see it thrive with our colleagues at the General Services Administration at the helm.

Photo of a conference with multiple agencies tables, and participants checking out different tables.  

Feds Feed Families in Full Swing

Federal employees not only serve Americans every day on the job, they display their generosity throughout the year, especially through programs like Feds Feed Families. The 2015 campaign is underway this month, with the theme “Feds Fighting Hunger.” In 2014, Federal employees across government donated nearly 15 million pounds of food, paper goods, and toiletries to help food banks and pantries stay stocked during the summer months, when they traditionally see a decrease in donations.

Each year, employees are asked to bring items they want to donate to their workplaces or to take them directly to a local food bank. I’m confident that the continued generosity of our Federal workforce will ensure that we top last year’s total.

Cybersecurity Update

Working with our partners at the General Services Administration, the Office of Management and Budget, the Department of Defense, and other agencies, the government on Aug. 4, 2015 issued a request for quotations (RFQ) for a contractor to handle credit monitoring and identity theft services for people affected by the intrusion of our network. We’ve added information about the RFQ to our online cybersecurity resource center

We are continually updating our website as we get requests for more information and as we make progress on the cybersecurity front. I encourage the Federal community to keep checking the site and to continue giving us feedback. We are listening, and are working hard to provide the latest resources, information, and support for the Federal workforce.


It’s been an exciting and busy first two weeks for me as the new Acting Director of the U.S. Office of Personnel Management.  I will be regularly using this space to share the latest news about what we are doing to address one of my top priorities for OPM – our response to the recent cybersecurity incidents.  As we make progress on this front, I also will be highlighting the achievements of OPM’s dedicated team that is working every day to fulfill the agency’s mission: to recruit and develop a world-class Federal workforce.

First, this week we were able to bring back online the system that we use to process background investigation forms for Federal employees and Federal job applicants. We had shut down the e-QIP system temporarily on June 26 after we discovered a vulnerability during a comprehensive security review of OPM’s information technology systems. Even though we didn’t find any malicious activity, we took this step in order to be proactive and to fortify the system’s security controls.

Cybersecurity expertise from across the Federal and private sectors was brought to bear to remediate and test the e-QIP system.  Thanks to the hard work of OPM staff, in collaboration with our interagency partners at the Department of Homeland Security and the Office of Management and Budget, we were able to bring the system back online with enhanced security features in less than four weeks.

Second, we continue to build on our efforts to support members of the Federal family whose personal information was stolen in the cyberintrusions.  We have just added some helpful features to our online resource center at opm.gov/cybersecurity in response to feedback from users.

The website is now easier to navigate and specific information is easier to find. We’ve added a “Recent Updates” section and a “Stay Informed” feature, plus tools such as an RSS feed allowing users to get automatic alerts when new information is posted. Our agency partners and outside organizations can now place a digital badge on their own websites that will link their users to OPM’s online resource center. Please visit this website to get the most current information about the incidents and about steps individuals can take to protect themselves from cybercrime.

Being new to OPM, I recently took the agency’s IT Security and Privacy Awareness Training. The training was a good reminder that using cybersecurity best practices is a responsibility we all share and that we must remain on guard against phishing emails and other threats that are ever present in today’s digital workplace.

Even as we keep cybersecurity front and center, I am looking forward to working with our talented and hard-working team at OPM to fulfill the agency’s mission of supporting and providing exceptional service to our Federal family. We have multiple plans and programs underway to improve the hiring process for Federal jobs, to develop top-drawer training and leadership programming, and to collect and process rich data sets that lead to greater employee engagement, to name just a few. The Federal Government is counting on OPM to deliver. And I know that we will.

- Graphic with blue background. OPM logo. Headline: LEARN MORE AT. Subhead: OPM.GOV/CYBERSECURITY.  


As our hardworking Federal workforce enjoys a much-deserved holiday weekend, I want to share a quick update on the ongoing investigation into the recent theft of information from OPM’s networks.

For those individuals whose data may have been compromised in the intrusion affecting personnel records, we are providing credit monitoring and identity protection services. My team has worked with our identity protection contractor to increase staff to handle the large volume of calls, and to dramatically reduce wait times for people seeking services. As of Friday, our average wait time was about 2 minutes with the longest wait time being about 15 minutes.

Thanks to the tireless efforts of my team at OPM and our inter-agency partners, we also have made progress in the investigation into the attacks on OPM’s background information systems. We hope to be able to share more on the scope of that intrusion next week, and in the coming weeks, we will be working hard to issue notifications to those affected.

I want you to know that I am as concerned about these incidents as you are. I share your anger that adversaries targeted OPM data. And I remain committed to improving the IT issues that have plagued OPM for decades.

One of my first priorities upon being honored with the responsibility of leading OPM was the development of a comprehensive IT strategic plan, which identified security vulnerabilities in OPM’s aging legacy systems, and, beginning in February 2014, embarked our agency on an aggressive modernization and security overhaul of our network and its systems. It was only because of OPM’s aggressive efforts to update our cybersecurity posture, adding numerous tools and capabilities to our networks, that the recent cybersecurity incidents were discovered.

I am committed to finishing the important work outlined in my Strategic IT Plan and together with our inter-agency partners, OPM will continue to evaluate and improve our security systems to make sure our sensitive data is protected to the greatest extent possible, across all of our networks.

We are living in an era where cybersecurity must be a priority in our lives at work and at home. I encourage you to take some time to learn about the ways you can help protect your own personal information. There are many helpful resources available on our website.

I’m wishing you a safe and relaxing 4th of July weekend.


Control Panel

Unexpected Error

There was an unexpected error when performing your action.

Your error has been logged and the appropriate people notified. You may close this message and try your command again, perhaps after refreshing the page. If you continue to experience issues, please notify the site administrator.

Working...