Last week, the Office of Personnel Management (OPM) announced that “sensitive information” on 21.5 million personnel was stolen from their systems.
— Katherine Archuleta (@OPMDirector) July 9, 2015
As the U.S. government begins to deal with this massive cybersecurity breach, many have taken to Twitter to share their feelings, ideas, conspiracy theories, and even some gallows humor.
(Disclaimer: These tweets are short takes of people’s thoughts, often written quickly, sometimes emotionally. They do not reflect the opinions of the author or GovLoop.)
Damian Paletta, national security and intelligence reporter at the Wall Street Journal, struck the right level of alarm.
Hackers likely stole EVERY SINGLE background investigation form completed by OPM since 2000. Every single one.
— Damian Paletta (@damianpaletta) July 9, 2015
Security experts, pundits, and armchair technologists are weighing in on what the U.S. government and its employees should do next.
— EFF (@EFF) July 13, 2015
Largest federal employee union sues over OPM hack http://t.co/0wR6amwRNA
— National Journal (@nationaljournal) July 1, 2015
Hey you 21,499,999 former coworkers of mine. Wonder what we should do now? https://t.co/ac4cHHvHk1
— Maria Streshinsky (@Mstreshinsky) July 9, 2015
More than a week before, after announcing a smaller but still severe hack, the OPM took some action by shutting down its database and moving its security clearance process to paper.
Out of an abundance of caution, OPM has temporarily taken our background investigation system (e-QIP) offline: http://t.co/8mHxWECVan
— OPM (@USOPM) June 29, 2015
This move got blowback, both before and after the OPM released the updated number of those affected by the hack.
Exclusive: OPM's return to paper background questionnaires means no new clearances while e-QIP is offline: http://t.co/2caUfmAfZC
— Nicole Duran (@Duranni1) July 8, 2015
— Bryan Ruby (@MrBryanRuby) July 8, 2015
The back-to-paper idea had been floated before people knew the true scale of the hack, though with a twist.
Maybe now people will see the wisdom of keeping OPM's federal retirement records on paper, inside a series of caves. http://t.co/SqJAUoPk1W
— David Fahrenthold (@Fahrenthold) June 5, 2015
As OPM officials referred to it as a “cybersecurity incident” or sometimes a “data exfiltration,” people and the media debated what the OPM problem should be called.
Mark Knoller, CBS News White House Correspondent, pointed out the OPM’s phrase of choice and got a lot of responses.
— Ed Morrissey (@EdMorrissey) July 10, 2015
@markknoller for what it's worth, that's the proper terminology. We use it in security consulting/testing.
— Ben Ten (0xA) (@Ben0xA) July 13, 2015
The naming debate had been brewing for a while.
— Ars Technica (@arstechnica) July 9, 2015
— Sarah G McBride (@mcbridesg) July 2, 2015
No matter what you call it, the OPM data breach/incident/hack/leak/rupture/intrusion/exfiltration/disaster has emotions running high.
— Juliette Kayyem (@juliettekayyem) July 10, 2015
— Ars Technica (@arstechnica) July 11, 2015
Amidst the unsettling news, folks did get a little stress release from laughter.
Hoping for a little more respect on my next visit to China, now that they can see from my OPM records how promptly I pay my cable bill.
— David Frum (@davidfrum) July 9, 2015
#OPMHack: M: they have your name & address Tu: & your SSN W: & your moms SSN Th: & your fingerprints F: But not your DNA! S: Ok your DNA too
— Political Math (@politicalmath) July 9, 2015
Twitter being part of the internet, cat jokes definitely made an appearance.
Katherine Archuleta resigns to spend more time with her cat Mittens, whose name is also OPM's global admin password
— Popehat (@Popehat) July 10, 2015
How many hang-in-there cat-on-a-wire calendars do you figure there are at the Office of Personnel Management
— Spencer Ackerman (@attackerman) July 10, 2015
She has found the best possible use of my OPM notification letter. pic.twitter.com/Q4SVt8d2Kk
— themodernscientist (@modernscientist) July 10, 2015