Monday 15 June 2015

US Government OPM hack

07:44 Posted by G No comments
Interesting and rather scary insight into another big US government security breach, the OPM (Office of Personnel Management) has been hacked, and large numbers (up to 14 million) of government staff's data stolen. The article talks about how until 2013 they didn't have anyone in an IT security role, see the quote below...

" The OPM had no IT security staff until 2013, and it showed. The agency was harshly criticized for its lax security in an inspector general’s report released last November that cited its lack of encryption and the agency’s failure to track its equipment. Investigators found that the OPM failed to maintain an inventory list of all of its servers and databases and didn’t even know all the systems that were connected to its networks. The agency also failed to use multi-factor authentication for workers accessing the systems remotely from home or on the road."

It seems incredible that a government agency has been so lax even in the last 2 years, I hope the UK government is taking better care of its staff's data.... (that might be a big hope)


Post a Comment

Note: only a member of this blog may post a comment.