The personal information of more than 48,000 federal employees may have been compromised as a result of a security breach at the company contracted to perform background checks.
Department of Homeland Security spokesman S.Y. Lee told Nextgov Thursday that it is aware of the "potential intrusion" and is "working with [the Office of Personnel Management] and other interagency partners, the [National Cybersecurity and Communications Integration Center], per standard procedure, deployed an on-site [U.S.-Computer Emergency Readiness Team] to assess and mitigate any risks identified."
OPM spokeswoman Donna Seymour said that following the discovery of the problem, KeyPoint implemented numerous controls to strengthen the security of its network, adding that the immediacy with which the contractor remediated the vulnerabilities allowed OPM to continue to conduct business with the company without interruption.
This isn't the first time a private company holding federal employee information has been hacked. Earlier this year, USIS, which once conducted background checks on 25,000 federal employees, announced that at least some of its systems were breached. That security scare led OPM to eventually cut ties with USIS as a federal contractor.
However, just one month before the USIS cyberattack, OPM reportedly experienced a breach of its own which was widely thought to have been the work of hackers in China. A senior DHS official later responded by saying that "neither the personnel agency nor Homeland Security had identified any loss of personally identifiable information.” Nonetheless, an emergency response team was assigned “to assess and mitigate any risks identified.”
KeyPoint did not immediately respond to TheBlaze when asked for a comment.
Follow Jon Street (@JonStreet) on Twitter