Click here to skip navigation
An official website of the United States Government.

Cybersecurity Resource Center Sign Up for Services

Approximately 21.5 million individuals were impacted by the cyber incident involving background investigation records. The Sign Up information below relates to that incident.

Approximately 4.2 million individuals were impacted by a separate but related cyber incident involving personnel records. Most of those people were also impacted by the cyber incident involving background investigations records; approximately 600,000 individuals were impacted only by the cyber incident involving personnel records. If you think you may have been one of the individuals who were solely impacted by the personnel records incident, please access our Information About Personnel Data Incident section for more information.

Background Investigation Records Incident - Sign Up for Services

If you received a notification letter and 25-digit PIN code from the Office of Personnel Management, we have determined that your Social Security number and other personal information were compromised in the background investigation records incident.

Enrollment for Impacted Individuals

If you’ve received a notification letter and PIN code from OPM, please sign up for MyIDCare.

Sign Up Online

Returning? Log In

Or by phone:

800-750-3004 (Toll Free)

Monday-Saturday, 9AM-9PM ET

We are offering you, and any of your dependent minor children who were under the age of 18 as of July 1, 2015, a comprehensive suite of credit and identity monitoring, identity theft insurance, and identity restoration services. The Government initially announced the provision of services for approximately a three¬-year period which was set to end on December 31, 2018 for those impacted by the background investigation records data incident. In late 2015, the President signed into law a provision which will extend identity protection coverage to a period of not less than 10 years for those who were impacted by the background investigation records incident, as well as a separate but related incident involving personnel records. OPM is working to implement this extended 10-year period.

Here are the services the Federal Government is providing to individuals impacted by the background investigation records incident:

  1. Identity monitoring

    Identity monitoring services include monitoring of the internet and database sources including those pertaining to criminal records, arrest records, bookings, court records, pay day loans, bank accounts, checks, sex offenders, changes of address, and Social Security number traces. Please sign up with the service provider to access this benefit.

  2. Credit monitoring

    This includes credit monitoring of credit reports at all three national credit reporting agencies (e.g., Experian, Equifax, and TransUnion). Please sign up with the service provider to access this benefit.

  3. Identity restoration services

    If your identity is compromised, representatives from the service provider will work with you to take steps to restore your identity. You have access to this benefit at any time during the coverage period without having to enroll in monitoring services; however, to utilize the restoration services, impacted individuals will need to verify that they are eligible to access services with the service provider.

  4. Identity theft insurance

    For those impacted by the cyber incident involving background investigation records, identity theft insurance has been provided to impacted individuals and their dependent minor children regardless of their enrollment status in other services. Identity theft insurance became effective on September 1, 2015 and the scope of this coverage includes all incidents of identity theft that occur during the coverage period, regardless of the source. This insurance covers you for expenses incurred in restoring your identity, with no deductible.

If you have received a notification letter and PIN code from OPM, please sign up with the service provider.

Back to Top

Sample Notification Letters (Summer 2016)

Notification letters were mailed in the fall of 2015. In the summer of 2016, OPM was able to remail certain letters that were previously returned as undeliverable.

  1. If your fingerprints were not compromised

    If our records indicate your fingerprints were not compromised, your notification letter will look like this.

  2. If your fingerprints were compromised

    If our records indicate your fingerprints were compromised, your notification letter will look like this.

Sample Notification Letters (Fall 2015)

  1. If your fingerprints were not compromised

    If our records indicate your fingerprints were not compromised, your notification letter will look like this.

  2. If your fingerprints were compromised

    If our records indicate your fingerprints were compromised, your notification letter will look like this.

Sample Notification Letters you will receive after you have contacted the Verification Center

  1. If your fingerprints were not compromised

    If our records indicate your fingerprints were not compromised, your notification letter will look like this.

  2. If your fingerprints were compromised

    If our records indicate your fingerprints were compromised, your notification letter will look like this.

  3. If the Government determined you were not impacted

    If the Government has determined that you were not impacted, your notification letter will look like this.

Back to Top

Verify if You Were Impacted in the Background Investigation Records Incident

Contacting the Verification Center

Verify Online

Or by phone:

866-408-4555 (Toll Free)

503-520-4453 (International)

503-597-7662 (TTY)

Monday-Friday, 9AM–9PM ET

Privacy Statement

The Federal Government has set up a Verification Center to assist individuals who believe their data may have been impacted in the incident involving background investigation records. The U.S. Office of Personnel Management and its partners across government are committed to delivering high quality identity protection services to those impacted by this incident.

The Verification Center will assist individuals who previously received a letter notifying them that their data had been impacted by the cyber incident, and would like to have a copy of their letter resent. The center will also assist those who believe their data may have been impacted by the incident, but have not received their notification letters.

How can I access the Verification Center?

You may access the Verification Center at https://www.opm.gov/cybersecurity. Those needing assistance with submitting their information may call the Verification Center at 866-408-4555 Monday through Friday, between 9:00 a.m. and 9:00 p.m. Eastern Time.

In addition to signing up for services and contacting the Verification Center, there are a number of actions you can take right now:

Back to Top

Cyber Security Incidents

What Happened

In 2015, OPM discovered two separate but related cybersecurity incidents that have impacted the data of Federal government employees, contractors, and others. First, OPM discovered malicious cyber activity on its network that affected the personnel data of approximately 4.2 million current and former Federal government employees. Second, OPM discovered malicious cyber activity on its network that affected the background investigation records of approximately 21.5 million individuals, primarily current, former, and prospective Federal employees and contractors. All but approximately 600,000 individuals who were impacted by the personnel records incident were also impacted by the background investigation records incident. OPM has provided notifications to individuals who were impacted in these incidents.

OPM partnered with the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT) and the Federal Bureau of Investigation (FBI) to investigate and determine the potential impact of these incidents. There is no evidence that separate systems that store information regarding the health, financial, payroll and retirement records of Federal personnel were impacted by this incident (for example, annuity rolls, retirement records, USA JOBS, Employee Express).

Who responded to these incidents?

OPM partnered with the U.S. Department of Homeland Security's Computer Emergency Readiness Team (US-CERT), and the Federal Bureau of Investigation (FBI) to investigate and determine the potential impact of this incident.

Is the threat now resolved?

Based upon analysis and forensics to date, the interagency incident response team has assessed that adversary activity on OPM's network was terminated.

How You May Be Impacted

If you underwent a Federal background investigation in the year 2000 or afterwards (which occurs through the submission of forms SF-86, SF-85, or SF-85P either for a new investigation or a reinvestigation), it is highly likely that you were impacted by the incident involving background investigation records. If you underwent a background investigation prior to the year 2000, you still may be impacted, but it is less likely.

Learn more about who was impacted and the protections we are working to put into place.

Current and former Federal Government employees

If you are a current or former Federal Government employee, including members of the U.S. military, you may have been impacted by the incident affecting background investigation records. Current or former Federal Government employees may also have been impacted by the separate personnel records incident.

Types of information involved in the background investigation records incident that may have been impacted include:

  • Name.
  • Social Security number.
  • Residency and educational history.
  • Employment history.
  • Information about immediate family and personal and business acquaintances that would have been provided as part of your background investigation.
  • Health, criminal and financial history that would have been provided as part of your background investigation.

Some records could also include:

  • Findings from interviews conducted by background investigators.
  • Fingerprints.
  • Usernames and passwords used to fill out your forms.

If you may have used your e-QIP (the online system used to process forms) password for other accounts or services, you should change your passwords for those accounts and not reuse any passwords that you used in the e-QIP system. Cybersecurity experts recommend that individuals use different passwords for each of their accounts.

Types of information involved in the personnel records incident include:

  • Name.
  • Social Security number.
  • Date and place of birth.
  • Current and former addresses.
  • Common personnel file information such as job assignments, training records, and benefit selection decisions.

Services available to you:

Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail. The letter provided details on the incident and the free services available to you and your dependent minor children, such as:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity. Those affected by the background investigation records incident can review the identity theft monitoring and restoration services information.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Those impacted by the personnel records incident received a separate notification offering free identity theft monitoring and restoration services. As part of this service, those impacted will receive the following services:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity. Those affected by the personnel records data incident can review the identity theft monitoring and restoration services information.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Instructions on how to enroll in services were included in your notification. If you have not received a notification but believe your data may have been impacted by the personnel records incident, please access our Information About Personnel Records Incident section for more information.

Service members and veterans

The data of service members and veterans may have been impacted by the background investigation records incident. We have no evidence to suggest that the data of service members or veterans who were not also current or former federal employees were affected by the separate personnel records incident.

Types of information involved in the background investigation records incident that may have been impacted:

  • Name.
  • Social Security numbers.
  • Residency and educational history.
  • Employment history.
  • Information about immediate family and personal and business acquaintances that would have been provided as part of your background investigation.
  • Health, criminal and financial history that would have been provided as part of your background investigation.

Some records could also include:

  • Findings from interviews conducted by background investigators.
  • Fingerprints.
  • Usernames and passwords used to fill out your forms.

If you may have used your e-QIP (the online system used to process forms) password for other accounts or services, you should change your passwords for those accounts and not reuse any passwords that you used in the e-QIP system. Cybersecurity experts recommend that individuals use different passwords for each of their accounts.

Services available to you:

Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity. Those affected by the personnel records data incident can review the identity theft monitoring and restoration services information.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Current and former Federal Contractors

The data of current or former Federal contractors may have been impacted by the incident affecting background investigation records. We have no evidence to suggest that the data of current or former Federal contractors who were not also current or former federal employees were impacted by the separate personnel records data incident.

Types of information in the incident involving background investigation records:

  • Name.
  • Social Security numbers.
  • Residency and educational history.
  • Employment history.
  • Information about immediate family and personal and business acquaintances that would have been provided as part of your background investigation.
  • Health, criminal and financial history that would have been provided as part of your background investigation.

Some records could also include:

  • Findings from interviews conducted by background investigators.
  • Fingerprints.
  • Usernames and passwords used to fill out your forms.

If you may have used your e-QIP (the online system used to process forms) password for other accounts or services, you should change your passwords for those accounts and not reuse any passwords that you used in the e-QIP system. Cybersecurity experts recommend that individuals use different passwords for each of their accounts.

Services available to you:

Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children.

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Job candidates for federal employment who were required to complete a background investigation

The data of candidates who were required to complete a background investigation form prior to employment may have been impacted by the incident affecting background investigation records. We have no evidence to suggest that the data of candidates who were not also current or former federal employees were impacted by the separate personnel records incident.

Types of information in the incident involving background investigation records:

  • Name.
  • Social Security numbers.
  • Residency and educational history.
  • Employment history.
  • Information about immediate family and personal and business acquaintances that would have been provided as part of your background investigation.
  • Health, criminal and financial history that would have been provided as part of your background investigation.

Some records could also include:

  • Findings from interviews conducted by background investigators.
  • Fingerprints.
  • Usernames and passwords used to fill out your forms.

If you may have used your e-QIP (the online system used to process forms) password for other accounts or services, you should change your passwords for those accounts and not reuse any passwords that you used in the e-QIP system. Cybersecurity experts recommend that individuals use different passwords for each of their accounts.

Services available to you:

Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity. Those affected by the personnel records data incident can review the identity theft monitoring and restoration services information.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Spouses and co-habitants of current or former Federal employees, contractors, and job applicants whose information was impacted

The data of some spouses and partners/co-habitants of impacted applicants may have also been impacted by the cyber incident involving background investigations. Any impacted spouses and partners should have received their own notification letter from OPM.

If your information was listed on a background investigation form by a spouse or co-habitant, the impacted information may include your name, Social Security number, address, date and place of birth, and in some cases, your citizenship information.

Services available to you:

Those impacted by the background investigation records incident received a notification letter and 25-digit PIN code in the mail providing details on the incident and the free services available to you and your dependent minor children:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Immediate family, close contacts, and references of current and former Federal employees, contractors, and job applicants whose information was stolen

Some background investigation forms ask for the Social Security number (SSN) of your spouse or co-habitant. If that is the case and we have determined that the information was included in the incident, your spouse or co-habitant should also have received a notification and will be able to sign up for services. SSNs were not required for all spouses or cohabitants on other forms. In all other cases, SSNs were not required for other family members. Information you may have provided about other family members includes name, address, date of birth, or other similar information. In many cases, this information is the same as what is generally available in public forums such as online directories or social media, and therefore generally does not present the same level of risk of identity theft or other issues as with a Social Security number.

OPM has partnered with the Department of Defense to establish a Verification Center to assist individuals who have either lost their 25-digit PIN code, or who believe that their data may have been impacted, but have not received a notification letter. If you contact the Verification Center and we determine that your Social Security number and other personal information were included in the cyber intrusion involving background investigation records, you will receive a notification letter that will list your PIN code and give you enrollment instructions. If we conclude your Social Security number was not compromised in the intrusion, after we have compared the identity data that you provided to us with our records, you will receive a letter with that information. This letter usually takes about two to four weeks to arrive by mail. If you submit your information more than once during a six-week period, this may cause a delay in receiving your letter.

You may access the Verification Center at https://www.opm.gov/cybersecurity. For those needing assistance with submitting your information, you may call the Verification Center at 866-408-4555 Monday through Friday, between 9:00 a.m. and 9:00 p.m. Eastern Time.

Back to Top

What You Can Do

In addition to signing up for the free services that OPM is providing, here are steps you can take to help protect your identity:

Spot the warning signs of identity theft

Beware of phishing scams

Phishing is when a bad actor impersonates a business or someone you trust in order to get your private information. Never click on links you do not trust and do not give out your personal information. Legitimate organizations never ask for your information through text messages, pop-up messages, or email. Scammers may call and pretend to be from the government or a business to try to get you to give them sensitive information. If a caller asks for your information, call back using a number you know to be legitimate.

Update your passwords

If the information in your background investigation forms could be used to guess your passwords or if you are using the same password that you did when you filled out your background investigation form, cybersecurity experts recommend that you should change your passwords. Use complex passwords of 10-12 characters, combining letters, numbers, and special characters. Do not use something that is easily guessable for someone who knows you or has information about you. Do not repeat passwords for several accounts. For more information on how to choose a strong password, review the United States Computer Emergency Response Team’s (US-CERT) tips for Choosing and Protecting Passwords.

Get up to speed on online security

Review and check up on your practices for safe, secure and responsible online activity. Onguardonline.gov lists helpful steps you can take to make sure your computer is as safe as possible. For additional information on computer security, including information about firewalls, anti-virus software, and identifying security threats, review tips and the latest cybersecurity alerts and bulletins from the US-CERT National Cyber Awareness System.

If you think your identity has been stolen

If you believe your information has been misused, there are several steps you should take.

  • If you are concerned that you are experiencing identity theft, visit identitytheft.gov. This website explains steps you can take to recover your identity.
  • If you are concerned about your child's identity being stolen, the Federal Trade Commission has information and resources to know what to look for and how to get help.
  • You can also report fraud to the FBI.

Learn how to keep your information safe from exploitation

You can find information about the measures you can take to improve the safety of your personal information at the National Counterintelligence and Security Center (NCSC).

Tips for practicing safe online behavior every day

Practicing safer online behavior helps you protect yourself from identity theft, fraud, and other online crimes and malicious activity. Learn what you can do to protect yourself, your family, and your workplace through tips and free resources from Stop. Think. Connect, a national cybersecurity awareness campaign led by the Department of Homeland Security and the National Cyber Security Alliance.

Back to Top

What We're Doing to Help

Supporting people who have been impacted

Identity theft protection and credit monitoring services have been provided at no cost to individuals whose information was compromised in the OPM cyber incidents. For those impacted by the background investigation records incident, your dependent minor children are also eligible for these services.

The provided services include:

  • Full service identity restoration, which helps to repair your identity if you experience fraudulent activity.
  • Identity theft insurance, which can help to reimburse you for certain expenses incurred if your identity is stolen and you wish to restore your own identity.
  • Continuous identity and credit monitoring.

Continuing to strengthen cyber defenses at OPM and across Federal Government

In partnership with experts from the Department of Defense, Department of Homeland Security, Federal Bureau of Investigation and other Federal agency partners, OPM is undertaking continual and progressive action to strengthen its broader cyber defenses and information technology (IT) systems as well as to modernize its systems.

View more information about what the U.S. Government is doing to improve its cyber defenses, enhance our response capabilities, and upgrade our incident management tools.

For an automated message on the incidents, please call 866-740-7153.

Back to Top

Control Panel