From NextGov:

The letter should be in the mail. That was the message from the Office of Personnel Management on Friday afternoon — six months after disclosing an agency hack in which personal data on 21.5 million federal employees, contractors and their families was stolen.

The government has finished mailing 93 percent of the victims — including the deceased — notification letters offering three years of ID protection services, OPM officials said.

Mailing addresses could not be found for 1.5 million of the affected individuals. And OPM expects it will have to resend some letters because hundreds of thousands have been returned.

The attack — suspected to be a Chinese-funded espionage operation — grabbed background check records on security clearance applicants dating back to at least 2000, during which time many have moved.

The Pentagon last week officially launched a secure website that lets people check whether their records were compromised. Users can enter their Social Security numbers and other identifying details, along with their current addresses, to receive a status letter.

“Additional letters will be mailed as individuals contact the verification center or if we can obtain better addresses for letters returned to sender through the postal service,” OPM officials said in a statement. “Due to security and privacy protections,” the process of obtaining a yes or a no through the website “may take a few weeks.”

As of Nov. 20, a number of letters had bounced back, though less than 2 percent of the 21.5 million total, according to Advanced…

Continue Reading