Prior to last month's massive breach of federal employee records, the Office of Personnel Management's own inspector general repeatedly expressed concern over the agency's outdated security practices, according to a report.

According to "Handing Over the Keys to the Castle: OPM Demonstrated that Antiquated Security Practices Harm National Security," a report from the non-partisan think tank Institute for Critical Infrastructure Technology, the greatest failure behind the OPM breach was lack of a comprehensive governing policy for cybersecurity at the agency, which would have proactively controlled system access and mandated regular patches and upgrades. The breach reportedly impacted at least 22.5 million former, current and prospective U.S. employees.

"The single most significant recommendation that agencies like OPM could heed is to actually listen to the advice of the inspector general and do everything within their power to meet or exceed regulatory measures," the report stated.

Complete your profile to continue reading and get FREE access to, part of your ALM digital membership.

  • Critical information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).