More than 20 million people affected by multiple cyber breachesNEW YORK (August 14, 2015) — Labaton Sucharow LLP filed a class action today against the United States Office of Personnel Management (OPM) and KeyPoint Government Solutions (collectively, “the defendants”), concerning multiple cyber breaches which compromised the security of more than 20 million people. Described by Congressional representatives as “the most devastating cyber attack in our nation’s history,” the breach resulted in the disclosure of personal information from current, former, and prospective employees and contractors of the U.S. government, as well as some family members of federal applicants.
The OPM, together with KeyPoint, conducts over 90 percent of the U.S. Federal Government’s background investigations—more than two million investigations every year. Since at least 2007, the OPM, which according to its website, “work[s] to make the Federal Government America’s model employer for the 21st century,” has been on notice of significant flaws in its cyber security protocol but failed to take the steps to remedy those deficiencies. Annual audits by the Office of the Inspector General found glaring and systemic cyber security deficiencies that the OPM consistently failed to address, which led directly to the unprecedented theft of highly sensitive information.
The plaintiffs allege the defendants’ actions constituted negligence and also violated the Privacy Act of 1974 and the Administrative Procedure Act, leaving millions susceptible to identity theft.
“The OPM has acknowledged the harm done to these individuals as a result of their personal information being stolen, but it has provided only token relief that does not even begin to address the injury,” said Joel H. Bernstein, the Labaton Sucharow partner leading the case. “We seek fair damages to adequately protect and compensate class members for the OPM’s actions.”
The case was filed in the United States District Court for the District of Columbia.