The company linked to the OPM hack just got hired by the government again

Keypoint is suspected of being the source of the leaked credentials that allowed hackers to swipe millions of records from the OPM database.
Written by Zack Whittaker, Contributor
Image: File photo

A company connected to the massive hack targeting the Office of Personnel Management two years ago has been rehired by the US government.

Keypoint, which processes background investigations on behalf of its clients, will provide its vetting services for a new government agency that was set up in the wake of the 2014 intrusion.

The hack, which came to light last year, grabbed more than 22 million records of Americans who had applied for security clearance to work for the government. That data included background investigation and vetting records of current, former, and prospective federal employees and contractors, as well as some mental health and financial records. Later reports showed as many as 5.6 million fingerprints were stolen in the breach.

It was one of the largest breaches of government data in US history that was entirely preventable, according to a congressional report.

Though the government still hasn't said how it was hacked, all signs pointed to China, which denied the allegations.

Keypoint has repeatedly been accused of losing control of a list of usernames and passwords used to access the OPM's databases, which led to the larger intrusion.

The newly formed National Background Investigations Bureau, set to open its doors later this month, will also work with three other contractors to process the thousands of applications it receives each month.

Contractors are a key part of processing the massive number of clearance requests.

According to the news agency, one investigator found that when the OPM fired one of its core contractors, its backlog in clearance investigations rocketed.

The hope is that the NBIB can cut down the processing time of higher-range clearances by more than half, from 170 days to 80 days.

A call to Keypoint's corporate headquarters went unanswered.

Editorial standards