The Office of Personnel Management (OPM) has shut down the web gateway which supported Federal Background Investigations for contractors and employees in a move it has described as “proactive” and “temporary”, in response to the discovery of a vulnerability. With the review of security measures at the agency still ongoing, a spokesperson has stated that this flaw is not involved in the recent breach, however this enhancement of security was necessary. The agency also stressed that there had been no detection of this flaw having been exploited by hackers.
Data security at the OPM has been a central focus of the media recently, with news that hackers may have accessed the details of as many as 18 million individuals. This data in some cases may have included very personal data, regarding areas such as financial difficulties, sex lives, substance abuse which could be used to blackmail or coerce individuals into compliance with the criminals.
The system, called E-QIP, is expected to be offline for between 4 and 6 weeks while improvements are implemented.
http://arstechnica.com/tech-policy/2015/06/opm-shuts-down-background-investigation-portal-because-of-vulnerability/
