This note (edited) came from my corporate security department...

Earlier this year, the United States’ Office of Personnel Management (OPM) suffered a data breach where hackers stole the personal data of millions of people.

OPM has been in the process of notifying all impacted individuals; however, scammers have also taken this opportunity to capitalize on the breach and are targeting people who may or may not have been subject to the breach with phishing scams.

Those impacted by the data breach will receive an official letter from OPM that includes a 25-digit PIN and will only be delivered by the U.S. Postal Service. If you are contacted about the breach by phone, email or any other means than an official letter, do not provide personal information.

Data breaches happen far too often now days and sadly there is not enough prosecution of those responsible.. For example on the political front (I will launder somewhat)

Two political candidates both use the same Data Colleciton service, their accounts are supposed to be invisible to each other but a recent update to the software at the data farm gave both candidates access to each other's data.. ONE of the candidates has been accused and has fired one of his campaign workers.... (This is a laundered version of the news story which named names) ...

Now in this case it appears the breach was due to an error on the data collection service side, not a hacker.. So perhaps the "intrusion" was accidental (or not) but in most cases the breach is due to hostile activity.. And these hackers easily cost the US over a Billion a year.. But the government says "Petty crime" (Come to think of.. no that comment would be politcal) I think the Government should go after hackers with the full power of the law and hand each one of 'em a bill equal to what they (Collectively) cost the US last year... Should pay off the national debt fairly swiftly that way.

The government needs to stop playing paddycake with HAckers and find them (They can in many cases) arrest them, Convict them and hand a fine equal to the annual cost to the US from hacking.. Several billion dollars.. EACH.