Click here to skip navigation
An official website of the United States Government.
Skip Navigation

In This Section

Our Director Director's Blog

Cybersecurity

As our team at OPM continues to work tirelessly to fortify our data systems with stronger security upgrades, I wanted to notify our Federal family that we have taken the e-QIP system offline temporarily. E-QIP is a web-based platform used to complete and submit background investigation forms.

I recently ordered a comprehensive review of the security of OPM IT systems. During this ongoing review, my team and our interagency partners identified a vulnerability in the e-QIP system. Out of an abundance of caution, I have asked that the system be taken offline until stronger security enhancements are implemented.

I want to be clear that we are proactively taking this action to ensure the ongoing security of our network. This decision was not in response to direct malicious activity on this network, and there was no evidence that the vulnerability was exploited by an adversary.

While we add these security enhancements to the network, we expect the e-QIP system could be offline from four to six weeks. All of us at OPM recognize and regret the impact this action will have on both users and agencies, but please know that the team is working hard to quickly implement these security upgrades so that we can resume this service as soon as it’s safe to do so. In the meantime, we will be working with our partner agencies on alternative approaches to meet the needs of our customers.

I want to personally apologize for the inconvenience, but know that we take very seriously the responsibility OPM holds in securing Federal employee data. Improving OPM’s IT security posture is the utmost priority as we work to recruit, engage, and honor America’s talented and hardworking Federal workforce.


As our investigation into the cyberintrusions and theft of information at OPM continues, I want to reassure our Federal family how seriously I take our responsibility to provide you with timely and accurate information, as well as the resources to protect you from any malicious activity that may come from these events.

For individuals who were impacted by the incident involving personnel data that we announced on June 4, OPM is offering credit monitoring services and identity theft insurance through CSID, a subcontractor to Winvale. This includes credit monitoring, as well as access to credit reports, identity theft insurance, and recovery services and the services are available immediately at no cost.

I am deeply troubled by the challenges some employees and retirees have been having while trying to take advantage of these services. I want you to know that we are working to quickly improve your experience. And we’ve made progress.

Over the past week, CSID has been increasing the number of call center employees available to answer your questions. Additionally, they are equipped with the latest list of Frequently Asked Questions to make sure everyone is getting updated and consistent information.

Wait times are also a concern. The good news is that, because CSID has been adding additional call center employees, the wait times are down significantly. A new feature has also been added giving you the option to have the center call you back when it’s your turn. This keeps you from having to wait on hold.

We know that many of the calls coming in are from people who would like to know whether they were affected. To help keep those calls from slowing down people calling with enrollment issues, a new feature was added this week. It allows individuals to self-select if they are calling to find out if they qualify for coverage or for any reason other than to enroll. Those calls are now answered by a separate team, helping to speed up your access to the call center.

I encourage you to read through our Frequently Asked Questions before calling CSID. We’re updating this page as new information becomes available, and we hope to get as many answers to your questions as we can, as quickly as possible.

Each and every day, as we investigate these attacks and aggressively work on the redesign of our computer network, we are keeping in mind the millions of men and women who have and continue to serve the American people. We honor your contributions and the trust you put in us to keep your information safe. I pledge that we will do everything we can to give you the support you need.

A listing of the services provided by CSID. Learn more at www.CSID.com/OPM


As we at OPM and our partners across government work quickly to investigate the nature and scope of the cyberattacks that invaded our network and systems, I want to make sure that our Federal employee family knows that I continue to work each and every day to make sure that the data OPM is entrusted with protecting is secure now and for the future.

I am as concerned as our Federal workforce by these cyberintrusions, and I want employees to know we are redoubling our efforts to make sure our systems are as secure as possible. We know that our adversaries are sophisticated, well-funded, and focused. We know this because in an average month, OPM thwarts millions of attempts to break into our network.

Before I detail the work my OPM team is doing to upgrade our aging systems, to investigate the cyberintrusions, and to plan for the future, I want to make sure all Federal employees know that OPM has continued to operate with strong confidence in the security of the data it handles.

So how did we get here? In November of 2013, when the President honored me with the assignment to lead the men and women of OPM, I quickly realized that the agency’s outdated, legacy system needed to be modernized. My team got to work on the comprehensive IT Strategic Plan during my first 100 days as OPM Director. That plan clearly identified security vulnerabilities in our aging systems. We immediately began an aggressive modernization and security overhaul.

It was because of that overhaul and the tools we put in place to strengthen our cybersecurity that OPM -- working with our partners at the Department of Homeland Security and the Federal Bureau of Investigation -- was able to detect the cyberbreaches of personnel and background investigations data. That work continues, and continues aggressively. We have upgraded our network monitoring and logging capability and added firewalls that allow OPM to better filter network traffic. The remote access for our network administrators has been restricted.

On June 4, we publicly announced that we believed that the personally identifiable information (PII) of about 4 million current and former Federal employees had been compromised. Almost immediately, we began notifying those affected and they are getting access to credit monitoring and other services they may need. As the investigation has proceeded, we recently confirmed that OPM systems containing information related to the background investigations of current, former, and prospective Federal employees may have been compromised. We are working intensively to assess the scope of that attack and we will notify affected individuals as soon as possible.

Each and every day, as we work through the challenges of investigating these attacks and aggressively work on the redesign of our computer network, I am thinking about the millions of men and women who work – and who have worked – to serve the American people.

Our OPM team knows that you have entrusted your sensitive personal information to us. It is a trust we will continue to honor and one that is foremost in our minds as we do the critical work necessary to prevent, detect, and thwart future cyberattacks.

Graphic with blue background. Filling most the page is the OPM logo. Headline: UPDATED INFORMATION about recent CYBERSECURITY INCIDENTS.


Control Panel

Unexpected Error

There was an unexpected error when performing your action.

Your error has been logged and the appropriate people notified. You may close this message and try your command again, perhaps after refreshing the page. If you continue to experience issues, please notify the site administrator.

Working...