June 16, 2015
The Honorable Katherine Archuleta
Director
U.S. Office of Personnel Management
1900 E Street NW
Washington, DC 20415
Dear Director Archuleta:
The Federal Law Enforcement Officers
Association (FLEOA) is the largest non-partisan professional association that
exclusively represents over 28,000 current and retired federal law enforcement
officers and special agents from over 65 federal agencies.
Below are FLEOA’s concerns about the Office
of Personnel Management (OPM) data breaches, our demands of the government, and
a list of questions that remain unanswered.
1. OPM turned its back
on Federal Law Enforcement Officers (LEOs) when they failed to protect
sensitive information from an inexcusable breach, and OPM’s delayed and aloof
response is a pathetic and irresponsible miscarriage of its obligations to
affected Americans.
2. The very lives of
federal Law Enforcement Officers (LEOs) are now in danger, and the safety and
security of innocent people—including LEO families—are now in jeopardy because
of OPM’s abysmal failure and its continuing ignorance of the severity of the breach.
3. The information
lost includes personal, financial and location information of LEOs and their
families leaving them vulnerable to attack and retaliation from criminals and
terrorists currently or formerly investigated by the United States.
4. If one LEO or a
family member is harmed or killed, OPM will have blood on their hands.
5. The information
lost can lead to the theft of additional information on tens or hundreds of
millions of Americans, and thousands of foreign nationals who do business with
the United States.
6. OPM’s failure
threatens the lives of covert operatives and agents. In addition, this kind of information often
is used to spy on or steal information against the United States.
FLEOA
Demands:
1. FLEOA demands a
full investigation by the FBI and other authorities external to OPM, with the
possibility of criminal charges and civil lawsuits arising from its findings.
2. FLEOA demands that
OPM provide long-term virtual and physical protections for those in danger,
including lifetime credit and other monitoring to detect and prevent attacks by
international adversaries, criminals and terrorists.
3. FLEOA demands an
immediate overhaul of the security system used to store and access sensitive
information, including firewalls, separate servers, proper authentication, and
other state-of-the-art technology.
4. FLEOA demands
immediate answers on exactly what information was breached so that LEOs can
protect themselves.
Unanswered
questions for OPM:
1. Exactly what
information was stolen?
2. What is OPM going
to do to provide for the safety and security of LEOs and their families now
that their lives and financial security are in jeopardy?
3. When LEO’s are at
work, how will OPM keep their families safe?
4. Will OPM cover the
costs or indemnify the individuals who suffer harm if their identity is stolen
(employees, family, friends and others listed on stolen forms)?
5. It is illegal to
release or improperly secure information.
Who will be held accountable?
6. Why did OPM allow
highly sensitive information accessible via an internet connection, without
secure, separate servers and firewalls to protect employees?
7. There are a number
of criminal justice information services that are completely accessible by its
users but have never been breached because they are properly protected and
firewalled. Why is OPM not using this
strategy for some of the country’s most sensitive information?
FLEOA’s members and
families, who currently fear for their lives due to the failure of your agency
to protect their most sensitive information, anxiously await your response.
Sincerely,
Jon Adler
Jon Adler
FLEOA National
President
FLEOA CHARGES OPM WITH JEOPARDIZING
OFFICER SAFETY AFTER DATABASE BREACH
1.The U.S. Office
of Personnel Management (OPM) turned its back on Federal Law Enforcement
Officers (LEOs) when they failed to protect sensitive information from an
inexcusable breach, and OPM’s delayed and aloof response is a pathetic and
irresponsible miscarriage of its obligations to affected Americans.
2.The very lives of
federal Law Enforcement Officers (LEOs) are now in danger, and the safety and
security of innocent people—including LEO families—are now in jeopardy because
of OPM’s abysmal failure and its continuing ignorance of the severity of the
breach.
3.The information
lost includes personal, financial and location information of LEOs and their
families leaving them vulnerable to attack and retaliation from criminals and
terrorists currently or formerly investigated by the United States.
4.If one LEO or a
family member is harmed or killed, OPM will have blood on their hands.
5.The information
lost can lead to the theft of additional information on tens or hundreds of
millions of Americans, and thousands of foreign nationals who do business with
the United States.
6. OPM’s failure
threatens the lives of covert operatives and agents. In addition, this kind of information often
is used to spy on or steal information against the United States.
FLEOA Demands:
1.FLEOA demands a
full investigation by the FBI and other authorities external to OPM, with the
possibility of criminal charges and civil lawsuits arising from its findings.
2. FLEOA demands
that OPM provide long-term virtual and physical protections for those in
danger, including lifetime credit and other monitoring to detect and prevent
attacks by international adversaries, criminals and terrorists.
3.FLEOA demands an
immediate overhaul of the security system used to store and access sensitive
information, including firewalls, separate servers, proper authentication, and
other state-of-the-art technology.
4.FLEOA demands
immediate answers on exactly what information was breached so that LEOs can
protect themselves.
Unanswered questions for OPM:
1.Exactly what
information was stolen?
2.What is OPM going
to do to provide for the safety and security of LEOs and their families now
that their lives and financial security are in jeopardy?
3.When LEO’s are at
work, how will OPM keep their families safe?
4.Will OPM cover
the costs or indemnify the individuals who suffer harm if their identity is
stolen (employees, family, friends and others listed on stolen forms)?
5.It is illegal to
release or improperly secure information.
Who will be held accountable?
6.Why did OPM allow
highly sensitive information accessible via an internet connection, without
secure, separate servers and firewalls to protect employees?
7.There are a
number of criminal justice information services that are completely accessible
by its users but have never been breached because they are properly protected
and firewalled. Why is OPM not using
this strategy for some of the country’s most sensitive information?