Feds win standing to sue over OPM breach

Feds have just won a major victory in their ongoing battle to get fair compensation for data breaches due to their employer’s failure to take adequate preventative measures.

The U.S. Court of Appeals for the D.C. Circuit has ruled that federal employees can sue the government in these matters—specifically with respect to the massive Office of Personnel Management breach—disclosed in 2015—which compromised the data of at least 21.5 million persons.

The appeals court reversed the ruling of a federal district court, which had found that feds did not have standing to pursue a suit. Now, that lower court has been ordered to hear the case and judge it on its merits.

The American Federation of Government Employees is applauding the decision—and looking forward to some help for its members on the fallout they’ve endured in the wake of the compromise of their data. 

“Two years ago, nearly 22 million current and former federal employees, job applicants, and their family members had their most personal and sensitive information stolen from OPM in one of the largest cyberattacks in U.S. history,” J. David Cox, president of AFGE, said in a press release. “Everyone affected deserves to see that justice is served, and that’s why our union was the first organization to sue the federal government over the data breach.”

Four years ago, the union filed a lawsuit against OPM, citing the agency’s “failure to heed warnings and obey security policies, leading to the disclosure of the personal records of 21.5 million individuals,” according to the release. The union and other advocates have been trying to obtain lifetime credit monitoring and liability insurance for those feds affected by the breach.

Hackers got hold of everythinig from Social Security numbers and birth dates to fingerprints and home addresses, as well as other information included in background checks and other job application data.

The appeals court, according to the union’s release, supplied language highly supportive of the union’s case.

“We conclude that not only do the incidents of identity theft that have already occurred illustrate the nefarious uses to which the stolen information may be put, but they also support the inference that [the plaintiffs] face a substantial—as opposed to a merely speculative or theoretical—risk of future identity theft,” the appeals court stated.

Reader comments

Mon, Jul 15, 2019

Go after the idiots at OPM (current and former), fire ones currently employed and eliminate the pensions of the ones now working for the contractor who is monitoring the identity theft situation.

Wed, Jul 10, 2019 George Firth VA

How do we confirm inclusion in this lawsuit?

Wed, Jul 10, 2019 L. J. Atlanta, GA

Thank you, Thank you, Thank you! Now who do we contact about being hacked?

Tue, Jul 9, 2019 Paul Concord, NH

What does this mean to the average federal employee who was employed by the Federal govt. during this breach? Do beneficiaries need to be members of AFGE? Do beneficiaries need to have already undergone some form of identity theft, like having a credit or debit card compromised, or some other related issue? What would "related issues include" Thank you. Paul

Mon, Jul 8, 2019 Denise FL

Great news! Can only hope that we (retired)are protected for the rest of our lives.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

2020 Digital Almanac

Stay Connected

Latest Forum Posts

Ask the Expert

Have a question regarding your federal employee benefits or retirement?

Submit a question