The Department of Homeland Security on Wednesday issued notification letters to agency employees who may have been impacted by a data breach in May 2017 related to the case management system of the agency’s office of inspector general, Federal News Radio reported Wednesday.
DHS OIG found out in May that its former employee had an unauthorized copy of the case management platform that contained personally identifiable information of approximately 246,167 DHS personnel employed in 2014 and individuals involved in OIG investigations between 2002 and 2014.
“The privacy incident did not stem from a cyber-attack by external actors, and the evidence indicates that affected individual’s personal information was not the primary target of the unauthorized exfiltration,” Phillip Kaplan, DHS chief privacy officer, wrote in the letter.
Kaplan said DHS will provide people affected by the OIG breach with free identity protection and credit monitoring services through AllClear ID for 18 months.
During the 18-month period, AllClear ID will offer credit restoration, financial loss recovery support services and a $1 million identity theft insurance policy to affected individuals.