DOJ Admits Error in Claiming Link Between Identity Theft and OPM Data Breach
The Department of Justice, as referenced in last week’s “The Takedown” column here in FEDagent, recently announced that it had filed charges against a Virginia man who had taken out a number of loans under the identity of a federal employee.
Initial reports and coverage indicated that the data was obtained as a result of the data breach that compromised the U.S. Office of Personnel Management (OPM), a notable claim, as it was said to represent the first crime directly connected to the breach. This week, DOJ has admitted it may have been premature in connecting the crime to the OPM data breach.
“Because the victims in this case had other things in common in terms of employment and location, it is possible that their data came from another source,” Assistant Attorney General Stephen E. Boyd said.
The story initially created a flurry of activity, including amongst lawmakers, with officials having previously insisted that “the massive cache of sensitive security clearance information about more than 20 million current and former federal employees was stolen by the Chinese government—not criminal fraudsters,” writes NextGov.
An identity theft case confirmed to be linked to the breach would mean previous assurances that federal employees would face no direct impact from their data being compromised would no longer apply, and that millions of feds might be actively under threat of identity theft.
However, according to DOJ:
“Regrettably the [U.S. Attorney’s Office’s] original press release…implied a premature conclusion that the exclusive and known source of the stolen identities used in the Langley Federal Credit Union fraud case was the OPM data breach,” which prompted DOJ to conduct an internal review of the case and the wording of the press release.”
“At present the investigation has not determined how [the] identity information used in this case was obtained and whether it can, in fact, be sourced directly to the OPM data breach,” concluded the agency’s updated statement on the matter.