US personnel agency takes system offline after hack
Problems for the U.S. Office of Personnel Management aren’t letting up. The government agency said Monday it had suspended a system used for background checks after a security flaw was discovered in the Web-based app.
The agency said there’s no evidence the system was hacked. It discovered the vulnerability during an ongoing review of its IT systems, it said, which is being carried out in the wake of at least two serious security breaches.
Still, it’s a big inconvenience. The system, called E-QIP, is used by multiple agencies to carry out background checks on potential new hires, and it will be offline for four to six weeks, the OPM said.
“The actions OPM has taken are not the direct result of malicious activity on this network, and there is no evidence that the vulnerability in question has been exploited,” the agency said, calling the decision to take E-QIP offline a proactive measure to ensure ‘the ongoing security of its network.”