The Federal Government will Become America's Model Employer for the 21st Century.
Recruit, Retain and Honor a World-Class Workforce to Serve the American People.
Human Resources and Security Specialists should use this tool to determine the correct investigation level for any covered position within the U.S. Federal Government.
OPM’s Human Resources Solutions organization can help your agency answer this critically important question.
Developing senior leaders in the U.S. Government through Leadership for a Democratic Society, Custom Programs and Interagency Courses.
Visit this federal site to search for our regulatory notices, proposed and final rules.
See the latest tweets on our Twitter feed, like our Facebook pages, watch our YouTube videos, and page through our Flickr photos.
I have received a notification letter and PIN from OPM.
Enroll with SERVICE PROVIDER
I think I may be impacted and do not have a letter.
Reach the VERIFICATION CENTER
Already have a MyIDCare account? Log in here
Approximately 21.5 million individuals were impacted by the cyber incident involving background investigation records. The Sign Up information below relates to that incident.
Approximately 4.2 million individuals were impacted by a separate but related cyber incident involving personnel records. Most of those people were also impacted by the cyber incident involving background investigations records; approximately 600,000 individuals were impacted only by the cyber incident involving personnel records. If you think you may have been one of the individuals who were solely impacted by the personnel records incident, please access our Information About Personnel Data Incident section for more information.
If you received a notification letter and 25-digit PIN code from the Office of Personnel Management, we have determined that your Social Security number and other personal information were compromised in the background investigation records incident.
If you’ve received a notification letter and PIN code from OPM, please sign up for MyIDCare.
Sign Up Online
Returning? Log In
800-750-3004 (Toll Free)
Monday-Saturday, 9AM-9PM ET
We are offering you, and any of your dependent minor children who were under the age of 18 as of July 1, 2015, a comprehensive suite of credit and identity monitoring, identity theft insurance, and identity restoration services. The Government initially announced the provision of services for approximately a three¬-year period which was set to end on December 31, 2018 for those impacted by the background investigation records data incident. In late 2015, the President signed into law a provision which will extend identity protection coverage to a period of not less than 10 years for those who were impacted by the background investigation records incident, as well as a separate but related incident involving personnel records. OPM is working to implement this extended 10-year period.
Here are the services the Federal Government is providing to individuals impacted by the background investigation records incident:
Identity monitoring services include monitoring of the internet and database sources including those pertaining to criminal records, arrest records, bookings, court records, pay day loans, bank accounts, checks, sex offenders, changes of address, and Social Security number traces. Please sign up with the service provider to access this benefit.
This includes credit monitoring of credit reports at all three national credit reporting agencies (e.g., Experian, Equifax, and TransUnion). Please sign up with the service provider to access this benefit.
If your identity is compromised, representatives from the service provider will work with you to take steps to restore your identity. You have access to this benefit at any time during the coverage period without having to enroll in monitoring services; however, to utilize the restoration services, impacted individuals will need to verify that they are eligible to access services with the service provider.
For those impacted by the cyber incident involving background investigation records, identity theft insurance has been provided to impacted individuals and their dependent minor children regardless of their enrollment status in other services. Identity theft insurance became effective on September 1, 2015 and the scope of this coverage includes all incidents of identity theft that occur during the coverage period, regardless of the source. This insurance covers you for expenses incurred in restoring your identity, with no deductible.
If you have received a notification letter and PIN code from OPM, please sign up with the service provider.
Back to Top
Notification letters were mailed in the fall of 2015. In the summer of 2016, OPM was able to remail certain letters that were previously returned as undeliverable.
If our records indicate your fingerprints were not compromised, your notification letter will look like this.
If our records indicate your fingerprints were compromised, your notification letter will look like this.
If the Government has determined that you were not impacted, your notification letter will look like this.
866-408-4555 (Toll Free)
Monday-Friday, 9AM–9PM ET
The Federal Government has set up a Verification Center to assist individuals who believe their data may have been impacted in the incident involving background investigation records. The U.S. Office of Personnel Management and its partners across government are committed to delivering high quality identity protection services to those impacted by this incident.
The Verification Center will assist individuals who previously received a letter notifying them that their data had been impacted by the cyber incident, and would like to have a copy of their letter resent. The center will also assist those who believe their data may have been impacted by the incident, but have not received their notification letters.
You may access the Verification Center at https://www.opm.gov/cybersecurity. Those needing assistance with submitting their information may call the Verification Center at 866-408-4555 Monday through Friday, between 9:00 a.m. and 9:00 p.m. Eastern Time.
In addition to signing up for services and contacting the Verification Center, there are a number of actions you can take right now:
In 2015, OPM discovered two separate but related cybersecurity incidents that have impacted the data of Federal government employees, contractors, and others. First, OPM discovered malicious cyber activity on its network that affected the personnel data of approximately 4.2 million current and former Federal government employees. Second, OPM discovered malicious cyber activity on its network that affected the background investigation records of approximately 21.5 million individuals, primarily current, former, and prospective Federal employees and contractors. All but approximately 600,000 individuals who were impacted by the personnel records incident were also impacted by the background investigation records incident. OPM has provided notifications to individuals who were impacted in these incidents.
OPM partnered with the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI) to investigate and determine the potential impact of these incidents. There is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).
OPM partnered with the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT), and the Federal Bureau of Investigation (FBI) to investigate and determine the potential impact of this incident.
Based upon analysis and forensics to date, the interagency incident response team has assessed that adversary activity on OPM's network was terminated.
If you underwent a Federal background investigation in the year 2000 or afterwards (which occurs through the submission of forms SF-86, SF-85, or SF-85P either for a new investigation or a reinvestigation), it is highly likely that you were impacted by the incident involving background investigation records. If you underwent a background investigation prior to the year 2000, you still may be impacted, but it is less likely.
Learn more about who was impacted and the protections we are working to put into place.
If you are a current or former Federal Government employee, including members of the U.S. military, you may have been impacted by the incident affecting background investigation records. Current or former Federal Government employees may also have been impacted by the separate personnel records incident.
Types of information involved in the background investigation records incident that may have been impacted include:
Some records could also include:
If you may have used your e-QIP (the online system used to process forms) password for other accounts or services, you should change your passwords for those accounts and not reuse any passwords that you used in the e-QIP system. Cybersecurity experts recommend that individuals use different passwords for each of their accounts.
Types of information involved in the personnel records incident include:
Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail. The letter provided details on the incident and the free services available to you and your dependent minor children, such as:
Those impacted by the personnel records incident received a separate notification offering free identity theft monitoring and restoration services. As part of this service, those impacted will receive the following services:
Instructions on how to enroll in services were included in your notification. If you have not received a notification but believe your data may have been impacted by the personnel records incident, please access our Information About Personnel Records Incident section for more information.
The data of service members and veterans may have been impacted by the background investigation records incident. We have no evidence to suggest that the data of service members or veterans who were not also current or former federal employees were affected by the separate personnel records incident.
Types of information involved in the background investigation records incident that may have been impacted:
Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children:
The data of current or former Federal contractors may have been impacted by the incident affecting background investigation records. We have no evidence to suggest that the data of current or former Federal contractors who were not also current or former federal employees were impacted by the separate personnel records data incident.
Types of information in the incident involving background investigation records:
Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children.
The data of candidates who were required to complete a background investigation form prior to employment may have been impacted by the incident affecting background investigation records. We have no evidence to suggest that the data of candidates who were not also current or former federal employees were impacted by the separate personnel records incident.
The data of some spouses and partners/co-habitants of impacted applicants may have also been impacted by the cyber incident involving background investigations. Any impacted spouses and partners should have received their own notification letter from OPM.
If your information was listed on a background investigation form by a spouse or co-habitant, the impacted information may include your name, Social Security number, address, date and place of birth, and in some cases, your citizenship information.
Some background investigation forms ask for the Social Security number (SSN) of your spouse or co-habitant. If that is the case and we have determined that the information was included in the incident, your spouse or co-habitant should also have received a notification and will be able to sign up for services. SSNs were not required for all spouses or cohabitants on other forms. In all other cases, SSNs were not required for other family members. Information you may have provided about other family members includes name, address, date of birth, or other similar information. In many cases, this information is the same as what is generally available in public forums such as online directories or social media, and therefore generally does not present the same level of risk of identity theft or other issues as with a Social Security number.
OPM has partnered with the Department of Defense to establish a Verification Center to assist individuals who have either lost their 25-digit PIN code, or who believe that their data may have been impacted, but have not received a notification letter. If you contact the Verification Center and we determine that your Social Security number and other personal information were included in the cyber intrusion involving background investigation records, you will receive a notification letter that will list your PIN code and give you enrollment instructions. If we conclude your Social Security number was not compromised in the intrusion, after we have compared the identity data that you provided to us with our records, you will receive a letter with that information. This letter usually takes about two to four weeks to arrive by mail. If you submit your information more than once during a six-week period, this may cause a delay in receiving your letter.
You may access the Verification Center at https://www.opm.gov/cybersecurity. For those needing assistance with submitting your information, you may call the Verification Center at 866-408-4555 Monday through Friday, between 9:00 a.m. and 9:00 p.m. Eastern Time.
In addition to signing up for the free services that OPM is providing, here are steps you can take to help protect your identity:
Phishing is when a bad actor impersonates a business or someone you trust in order to get your private information. Never click on links you do not trust and do not give out your personal information. Legitimate organizations never ask for your information through text messages, pop-up messages, or email. Scammers may call and pretend to be from the government or a business to try to get you to give them sensitive information. If a caller asks for your information, call back using a number you know to be legitimate.
If the information in your background investigation forms could be used to guess your passwords or if you are using the same password that you did when you filled out your background investigation form, cybersecurity experts recommend that you should change your passwords. Use complex passwords of 10-12 characters, combining letters, numbers, and special characters. Do not use something that is easily guessable for someone who knows you or has information about you. Do not repeat passwords for several accounts. For more information on how to choose a strong password, review the United States Computer Emergency Response Team’s (US-CERT) tips for Choosing and Protecting Passwords.
Review and check up on your practices for safe, secure and responsible online activity. Onguardonline.gov lists helpful steps you can take to make sure your computer is as safe as possible. For additional information on computer security, including information about firewalls, anti-virus software, and identifying security threats, review tips and the latest cybersecurity alerts and bulletins from the US-CERT National Cyber Awareness System.
If you believe your information has been misused, there are several steps you should take.
You can find information about the measures you can take to improve the safety of your personal information at the National Counterintelligence and Security Center (NCSC).
Practicing safer online behavior helps you protect yourself from identity theft, fraud, and other online crimes and malicious activity. Learn what you can do to protect yourself, your family, and your workplace through tips and free resources from Stop. Think. Connect, a national cybersecurity awareness campaign led by the Department of Homeland Security and the National Cyber Security Alliance.
Identity theft protection and credit monitoring services have been provided at no cost to individuals whose information was compromised in the OPM cyber incidents. For those impacted by the background investigation records incident, your dependent minor children are also eligible for these services.
The provided services include:
In partnership with experts from the Department of Defense, Department of Homeland Security, Federal Bureau of Investigation and other Federal agency partners, OPM is undertaking continual and progressive action to strengthen its broader cyber defenses and information technology (IT) systems as well as to modernize its systems.
View more information about what the U.S. Government is doing to improve its cyber defenses, enhance our response capabilities, and upgrade our incident management tools.
For an automated message on the incidents, please call 866-740-7153.