Cybersecurity

Dem warns OPM: Hack victims struggling to get fraud protection

by Cory Bennett 06/19/15 05:03 PM ET

Sen. Mark Warner (D-Va.) is warned the Office of Personnel Management (OPM) to hold credit monitoring firm CSID accountable amid reports it is offering substandard service to the millions of victims of the recent federal data breach.

“Information has come to light that raises questions about OPM’s awarding of this $20 million contract to CSID, and whether CSID has the expertise and capacity to provide the services for which it was contracted,” Warner said in a letter sent Friday to OPM Director Katherine Archuleta.

{mosads}The OPM has said it will provide all those affected by the intrusion up to 18 months of identity theft monitoring.

But federal workers unions have expressed frustration with the company since signup first began for the complimentary services.

They say the company’s customer service has been woefully insufficient, concerns Warner said he’s heard from his own constituents in Virginia, where many current and former government workers live.

“In the past two weeks, I have heard complaints from many of them about the poor quality of service provided by CSID,” Warner said My constituents have reported that the website crashes frequently, and that the company’s dedicated hotline regarding the OPM breach has incredibly long wait times. Wait times of over an hour are not uncommon.”

In addition, Warner said CSID has repeatedly provided “inaccurate or out-of-date information” regarding his constituents’ credit history and been withholding information about the $1 million in identity theft insurance victims are supposed to have access to.

“Needless to say, I am deeply troubled by these reports,” he said. “OPM must hold CSID accountable for timely and accurate responses to federal employees who are rightfully concerned about the impact of this breach.”

Questions have also been raised about the bidding process that awarded CSID its contract.

As Warner points out, the government only gave companies 36 hours to submit a bid, and awarded the contract to CSID in under a week.

“According to procurement experts, such a short turnaround time is highly unusual and raises suggestions that OPM could have intentionally steered the contract to CSID,” Warner said.

He pressed the agency for more details on how the contract was awarded.

“OPM has an obligation to take this threat seriously,” Warner said. “The agency’s awarding of this contract suggests, however, that protecting employees exposed by the breach is not the top priority for OPM that it should be.”