Congresswoman Eleanor Holmes Norton (D-DC) and Congressman C.A. Dutch Ruppersberger (D-MD) Thursday introduced the RECOVER Act (Reducing the Effects of the Cyberattack on OPM Victims Emergency Response Act) to provide free lifetime identity protection coverage to current, former and prospective federal employees and contractors whose personal information was compromised by Office of Personnel Management (OPM) data breaches in 2015.
Following the data breaches, Congress approved a version of the Norton-Ruppersberger bill as part of a fiscal year 2017 appropriations bill. However, Congress only required OPM to provide the identify protection coverage to affected individuals through fiscal year 2026. The Norton-Ruppersberger bill requires OPM to provide the coverage for the remainder of the life of the affected individuals.
“While in the minority, we got some identity protection for federal workers and contractors impacted by the data breach as a first step, but only lifetime identity protection will give these workers the peace of mind they deserve,” Norton said. “Because there is no limit to the duration on when the compromised personal information can be used, Congress must protect these federal employees in perpetuity.”
“The federal workers impacted by the OPM breach are victims: their personal security was jeopardized through no fault of their own and the records stolen by hackers have no shelf life. So, the identity theft protection offered to these victims shouldn’t, either,” Ruppersberger said. “I am proud to once again support this effort to help provide these hard-working men and women with the protections they need and deserve forever.”
In June 2015, OPM discovered that the background investigation records of current, former, and prospective federal employees and contractors had been stolen. OPM concluded that sensitive information, including the Social Security Numbers (SSNs) of 21.5 million individuals, was stolen from the background investigation databases. This included 19.7 million individuals that applied for a background investigation, and 1.8 million non-applicants, primarily spouses or co-habitants of applicants. Some records also included findings from interviews conducted by background investigators and approximately 5.6 million include fingerprints. Usernames and passwords that background investigation applicants used to fill out their background investigation forms were also stolen.