The US Office of Personnel Management Systems Are Still Insecure

The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019.

GAO carried out between February 2015 and August 2017 multiple reviews of the security stance of the Office of Personnel Management (OPM), which resulted in four different reports with recommendations for improvements.

It is important to remind the readers that OPM is an agency of the US federal government that handles personal data of the government’s civilian workforce. In June 2015, the agency reported a data breach that was initially thought to affect 4 million federal employees. Details from the investigation pointed to a number of 21.5 million individuals being affected by the hack.

Read more…
Source: Bleeping Computer