Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors


Goldman Scarlato & Penny Investigating OPM Data Breach

GSP, P.C. is investigating a possible claim on behalf of all persons, including federal employees, whose private information was compromised as a result of the data breaches announced by the Office of Personnel Management (“OPM”) on June 4, 2015 and July 9, 2015.

On June 4, 2015, the OPM announced that it would notify approximately 4 million current and former federal applicants and employees in the executive branch of the government that the OPM’s database had been hacked and employee’s private information was stolen.

On July 9, 2015, the OPM announced a second, “related cybersecurity incident[]” that affected 22.1 million individuals that included the theft of employees’ social security numbers, including 19.7 million people who applied for a background investigation, and 1.8 million non-applicants, mostly spouses or co-habitants of the applicants. Anyone who underwent a background investigation since 2000 is likely to have had their private information stolen.

The OPM now concedes that the stolen information includes social security numbers, residency and educational history, employment history, information about immediate family and other personal and business acquaintances, health, and criminal and financial history. Usernames and passwords used to fill out the investigation forms were also stolen.

Since at least 2007, the OPM has been on notice of significant deficiencies in its cyber security protocol, and has failed to take the appropriate steps to prevent the OPM data breach.
In its November, 2014 audit report, the OIG identified several cyber security deficiencies that “could potentially have national security implications,” including a decentralized governance structure, a lack of acceptable risk management policies and procedures, failure to maintain a mature vulnerability scanning program to find and track the status of security weaknesses in software systems, a high rate of false security alerts, remote access sessions which did not terminate or lock out after a period of inactivity, and other failures.

Donna Seymour, Chief Information Officer of the OPM, conceded to Politico that the penetrated databases did not use industry best practices such as encryption.

One day after revealing the second, larger OPM data breach, the OPM Director resigned.

If you have been notified by the OPM that your information was stolen or if you believe that you are a victim of the OPM data breach, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating data breach actions against Community Health Systems, Anthem, Premera, Intuit and Target. Please contact Mark Goldman at [email protected] or Paul Scarlato at [email protected] or call (484) 342-0700 with any questions you may have.

In our legal system, every person is innocent until and unless found guilty by a court of law or a tribunal. Whenever we reference “allegations” or charges that are “alleged,” such allegations or charges have not been proven, and are merely accusations, not findings of fault, as of the date of the blog. We do not have, nor do we undertake, a duty to continue to monitor or follow cases about which we report, and/or to publish subsequent updates regarding various developments that may occur in such cases. Readers are encouraged to conduct their own research regarding any such cases and any developments that may or may not have occurred in such cases. Also, the brokercheck report linked to some of our blogs is the up-to-date version as of the date of accessing. Visitors may check the most recent version of each brokercheck report at

Leave a Reply