Did you by chance hack OPM back in 2015? Good news, your password probably still works!

[InfoSec News <alerts () infosecnews org>]

https://www.theregister.co.uk/2018/11/14/opm_hack_failure/

By Shaun Nichols
The Register
14 Nov 2018

More than three years after suffering one of the largest cyber-attacks in 
US government history, the Office of Personnel Management has yet to adopt 
dozens of the security measures investigators ordered - including basic 
stuff like changing passwords.

A report issued this week by Government Accountability Office (GAO) 
disclosed that the OPM has failed to comply with more than a third of 
recommendations its investigators made for improving the office's network 
security and data protection.

The GAO audit (PDF) looked over a series of four reports its investigators 
issued between 2015 and 2017 concerning the massive theft of sensitive 
records on around 21.5 million current, former, and prospective government 
workers from Uncle Sam's computer systems.

Since the last report was written in August of 2017, GAO says that OPM has 
only complied with 51 of those 80 items. Far from being abstract, 
bureaucratic measures, the lapses noted by the audit include some very 
basic security practices.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_