The president of the largest federal employees union says all data for every current and retired federal employee and up to 1 million former employees were stolen by hackers. He says those data include names and Social Security numbers, military service and insurance and pension information.
The government has acknowledged that data of as many as 4 million current and former employees and retirees were stolen, but it hasn't detailed which employees were affected. Nor has it specified which data were stolen.
But J. David Cox, the president of the American Federation of Government Employees, charges it was all employees and all data. In a letter to Katherine Archuleta, the director of the Office of Personnel Management, Cox also charges that the Social Security numbers kept on government computers were not encrypted, "a cybersecurity failure" that Cox calls "absolutely indefensible and outrageous."
Cox says his information about the extent of the breach is "based on the sketchy information OPM has provided."
The agency has publicly acknowledged that data were stolen from "approximately 4 million individuals," but little else.
OPM says affected employees will be eligible for 18 months of credit monitoring and $1 million in liability insurance, which the union says is inadequate.
AFGE says the fact that OPM has outsourced to a contractor the responsibility for answering affected employees' questions "adds insult to injury."
The agency did not provide a response to the letter.
The Obama administration has not publicly stated who it believes is responsible for the breach, but lawmakers have pointed the finger at China.