House bill would give OPM hack victims lifetime fraud protection

Both chambers of Congress now have a bill that would extend identity theft protections to those affected by the recent massive government data breaches.

Del. Eleanor Holmes Norton (D-D.C.) and eight Democrats from Maryland and Virginia — where most federal employees live — introduced the Recover Act on Monday. The bill would give lifetime identity theft monitoring protections to the 22.1 million people that had their information exposed by the hacks at the Office of Personnel Management (OPM) and insure them for losses of up to $5 million.

Currently, the OPM is offering breach victims are between 18 months and three years of monitoring services, with insurance for up to $1 million in fraud damages.

“OPM's offer of limited credit monitoring and identity theft protection coverage fails to recognize that the hackers could outwait the OPM's proposed period of credit monitoring and very limited loss coverage,” Norton said.

The OPM fell victim to two separate digital intrusions. One hit a database with federal workers’ personnel files. The other laid bare the background checks conducted on those seeking security clearances from the government.

“Much of the OPM data is lifetime and permanent background information that cannot be changed like a credit card number,” Norton said. “We cannot make up for the angst this breach has caused our federal employees, but our bill shows we can and should do much better than OPM's stingy proposal."

Norton’s bill is a companion piece to a measure that Sen. Ben CardinBen CardinSanders, Dem senators press Obama to halt ND pipeline Dems to McConnell: Pass 'clean' extension of Iran sanctions Top Foreign Relations Dem: US needs to 'revisit' approach to Russia MORE (D-Md.) introduced last Thursday with his Maryland and Virginia Senate colleagues.

Since shortly after the OPM breaches were revealed in June, lawmakers have blasted the agency for failing to provide adequate information and fraud protection services to those hit by the hacks.

Federal employees unions have also pressed the agency for greater protections. One group, the National Treasury Employees Union (NTEU), has even filed a lawsuit seeking the lifetime identity theft monitoring that the bills from Norton and Cardin would grant.

“Federal employees are required to submit personal, sensitive and confidential information as a condition of employment, and their records deserve the highest levels of protection,” NTEU National President Colleen Kelley said after Cardin officially introduced his bill. “The Recover Act will go a long way toward protecting individuals from ID theft problems stemming from these devastating data breaches.”