Skip to main content

Norton Introduces Bill with National Capital Region House Members to Provide Free Lifetime Identity Theft Protection Coverage to 22 Million Current, Former and Prospective Federal Employees Affected by OPM Data Breaches

July 13, 2015

WASHINGTON, D.C.—Congresswoman Eleanor Holmes Norton (D-DC) and eight National Capital Region cosponsors introduced the RECOVER Act (Reducing the Effects of the Cyberattack on OPM Victims Emergency Response Act of 2015) to provide free lifetime identity theft protection coverage to the more than 22.1 million current, former and prospective federal employees whose personnel data has been compromised by widespread Office of Personnel Management (OPM) data breaches. The regional cosponsors are Reps. Elijah Cummings (D-MD), Dutch Ruppersberger (D-MD), Chris Van Hollen (D-MD), John Sarbanes (D-MD), Donna F. Edwards (D-MD), Gerry Connolly (D-VA), John Delaney (D-MD), and Don Beyer (D-VA). Senator Ben Cardin (D-MD) last week introduced a companion bill in the Senate. The free lifetime identity theft protection coverage includes identity theft insurance for losses up to $5 million.

What began as 4.2 million affected federal employees and retirees has now grown to more than 22 million. Apparently, OPM is not able to say that even that number is now final. Moreover, the hackers reportedly had infiltrated OPM computers at least a year before they were discovered. Yet, OPM has only guaranteed three years of credit monitoring and identity theft protection services and $1 million in loss coverage for individuals whose background check records were compromised, and only 18 months of credit monitoring and $1 million in loss coverage to individuals whose personnel records were compromised.

"The OPM data, which was not encrypted, was there for the taking despite the Inspector General's warnings," Norton said. "OPM's offer of limited credit monitoring and identity theft protection coverage fails to recognize that the hackers could outwait the OPM's proposed period of credit monitoring and very limited loss coverage. Much of the OPM data is lifetime and permanent background information that cannot be changed like a credit card number. We cannot make up for the angst this breach has caused our federal employees, but our bill shows we can and should do much better than OPM's stingy proposal."

"Extremely sensitive personal information of at least 22 million federal employees and their friends and relatives has been exposed to hackers who used access codes from one of OPM's contractors in one of the largest security breaches in U.S. history," said Oversight and Government Reform Ranking Member Elijah Cummings. "This bill providing lifetime credit monitoring services and identity theft insurance is the least we should do to protect these hardworking and dedicated employees."

"Our federal workers have been subjected to a relentless assault over the past several years, from furloughs to salary cuts and, now, a massive data breach of sensitive personal data," said Congressman Dutch Ruppersberger. "The records stolen by hackers have no shelf life – so the identity theft protection offered to the victims shouldn't, either. I am proud to support this effort to help provide these hard-working men and women some well-deserved peace of mind."

"OPM's announcement that at least 22 million people have been impacted by this breach is staggering. Many live in my district and have called my office with significant concerns," said Congressman Van Hollen. "I've already urged the agency to provide free credit monitoring to those impacted and their families, and what OPM has announced so far is totally inadequate. This legislation will help the hardworking civil servants who have been affected cope with this breach, which could have potentially dangerous consequences for years to come."

"This bill would provide millions of hardworking Americans who've been victimized by this unprecedented data breach with a measure of financial security and peace of mind," said Congressman John Sarbanes. "We must do whatever we can to support the federal and private-sector employees, retirees and their families whose personal information was compromised."

"I remain concerned that nearly one out of every eight Americans have had their security and personal data put into jeopardy and I believe we have a responsibility to protect the families who have been at risk," Congresswoman Donna F. Edwards said. "I will continue to work with my Congressional colleagues to ensure that the Americans serving our nation can keep their personal information safe and secure. That is why I am an original co-sponsor of the RECOVER Act, which provides much stronger and comprehensive measures to protect those whose information may have been compromised. It is the very least the federal government can and should do."

"The devastating series of data breaches against the U.S. Office of Personnel Management represent one of the most catastrophic compromises of highly-sensitive personally identifiable information in our Nation's history," said Congressman Gerry Connolly, Ranking Member of the Federal Workforce Subcommittee. "The millions of dedicated Federal workers, Federal retirees, and contract personnel that serve our country with honor and distinction are the Federal Government's most valuable asset and the government has failed to protect them. I am proud to join my colleagues in introducing the RECOVER Act to provide Federal employees victimized by the breach with lifetime identify theft insurance coverage that is free, comprehensive, and effective."

"The recent data breaches at OPM put millions of federal employees at risk and that's unacceptable," said Congressman John K. Delaney. "Unfortunately, this isn't going to be a short-term problem with short-term risk and we have to make sure we offer long-term support to those impacted. Our government should be in the position of strengthening the security of Americans online, not exposing their personal information to attack. The RECOVER Act makes sure that the victims of the data breaches will never have to face identity fraud alone."