federalThe recent breach of the U.S. Office of Personnel Management which exposed the information of 4 million employees is potentially a lot worse than the government has made it out to be. According to a letter obtained by the Associated Press from J. David Cox, president of the American Federation of Government Employees union, hackers stole personal data and the social security numbers of every federal employee. That includes current employees, as well as federal retirees and former federal employees.

Considering the central personnel data file for each employee contains up to 780 pieces of information about the employee, there’s a lot for those exposed in this breach to be concerned about. Data believed to have been stolen includes military records and veterans’ status information, addresses, birth dates, job and pay history, health insurance information, life insurance information, pension information and data on age, gender and race. The union is accusing the OPM of downplaying the severity of the breach and says it believes social security numbers weren’t encrypted.

Who is at the heart of this attack?

Although it hasn’t been officially confirmed, most signs point toward state-sponsored Chinese hackers as the culprits responsible for this attack. Recent comments by intelligence officials as well as members of the government leadership like Sen. Harry Reid have fueled this theory. There seems to be a worrying pattern emerging of Chinese state-sponsored hacks of the U.S. government as well as U.S. businesses. Intelligence officials have said that nearly every major U.S. company has been hacked from China. The targeting of government data seems to indicate that the goal is to build a database of information about the U.S. government’s inner workings and employees to perpetrate future attacks.

Should I be concerned?

Anyone who has been employed by the federal government should be concerned about the potential for identity theft. Taking measures to protect yourself, such as following the steps outlined in this article, can be a good way to feel better about this intrusion of privacy. Even for those whose information wasn’t exposed, this kind of data breach into the government is not easy to swallow. If the U.S. government can’t protect its employees’ data, how can companies run by regular people? Although you can’t completely prevent identity theft, you can educate yourself and take measures to protect your privacy. Learn more by following our identity theft protection blog.