It is now understood that The OPM (Office of Personnel Management) was aware of security failings within it’s online background check system since 2012. That being approximately 3 years prior to the OPM shutting down the background check system to put things right and address the security breaches. On Wednesday a House Sub Committee was advised by The Assistant Inspector General for Audits (Michael Esser) that the OPM had been aware of the vulnerabilities for years but had failed to act.
Towards the end of June The Office of Personnel Management advised the suspension of the background check platform (e-QIP). This following security reviews following substantial hacks which uncovered significant security defects.
While it was originally estimated that upwards of 18 million individuals may have been exposed this figure has now been revised upwards to around twenty one and a half million. It raises pertinent questions over why the OPM didn’t act sooner to correct glaring errors in it’s background check system. OPM repeatedly failed to acknowledge warnings, ignoring recommendations to close down numerous weaker systems.
Esser, on Wednesday, also accused the OPM of also failing to respond to alerts over the e-QIP system. This being used for filing of background check security clearances. Beginning in 2012 eighteen security vulnerabilities were identified by the oversight arm. It is not known and/or no information has been forthcoming as to whether this was the reason for last weeks shut down.
The reason why the OPM allowed the defective systems to continue to run on was that benefits and pay checks had to be met. Irrespective OPM director maintained that the recommendations of the watchdog are always taken in to account. The e-QIP background check system may be functional by late July or the early part of August.
DISCLAIMER: Please note the content within this blog/site is for informational, educational and entertainment purposes and should not be construed or perceived as professional or legal advice in respect of any of the subject matter. Any information you may rely on you do so at your own risk. The site owner/s will not be held responsible or liable for any damages from or related to your use of content, information and blog posts. The site owner/s take reasonable care to ensure that the information contained within this site is complete and correct but does not warrant this to be the case and accepts no liability for any errors, spelling mistakes or omissions. Any opinion or information in this site are put forth by the site owner/s on the basis of information obtained from sources believed to be reliable but not verified independently.