NICS information Stolen?

[Turftech1]

Yesterday I got a letter from the United States Office of Personnel Management's acting director Beth F. Cobert. Informing me that my personal information from a submitted background check had been compromised by a "malicious cyber intrusion", and informing me that the Office of Personnel Management would provide me with 3 years of identity theft protection and insurance.

2 questions:

1. Anyone else get a letter like this recently?

2. When NCIS background checks were instituted, I swear I recall that one of the conditions was that the info would be destroyed as soon as the check was finished, and the feds wouldn't keep any record of the event, to prevent a data-base of gun owners from being formed. Am I remembering this correctly? If so, how did the Office of Personnel Management end up with my background check info in order to lose it?

 

[Spats McGee]

Well, now that is an interesting wrinkle.

The NICS is not to be used to establish a federal firearm registry; information about an inquiry resulting in an allowed transfer is destroyed in accordance with NICS regulations. Current destruction of NICS records became effective when a final rule was published by the Department of Justice in The Federal Register, outlining the following changes. Per Title 28, Code of Federal Regulations, Part 25.9(b)(1), (2), and (3), the NICS Section must destroy all identifying information on allowed transactions prior to the start of the next NICS operational day.

Source: https://www.fbi.gov/about-us/cjis/nics/general-information/fact-sheet

(b) The FBI will maintain an automated NICS Audit Log of all incoming and outgoing transactions that pass through the system.

(1) Contents. The NICS Audit Log will record the following information: Type of transaction (inquiry or response), line number, time, date of inquiry, header, message key, ORI or FFL identifier, and inquiry/response data (including the name and other identifying information about the prospective transferee and the NTN).

(i) NICS denied transaction records obtained or created in the course of the operation of the system will be retained in the Audit Log for 10 years, after which time they will be transferred to an appropriate FBI-maintained electronic database.

(ii) NICS Audit Log records relating to transactions in an open status, except the NTN and date, will be destroyed after not more than 90 days from the date of inquiry; and

(iii) In cases of NICS Audit Log records relating to allowed transactions, all identifying information submitted by or on behalf of the transferee will be destroyed within 24 hours after the FFL receives communication of the determination that the transfer may proceed. All other information, except the NTN and date, will be destroyed after not more than 90 days from the date of inquiry.

(2) Use of information in the NICS Audit Log. The NICS Audit Log will be used to analyze system performance, assist users in resolving operational problems, support the appeals process, or support audits of the use and performance of the system. Searches may be conducted on the Audit Log by time frame, i.e., by day or month, or by a particular state or agency. Information in the NICS Audit Log pertaining to allowed transactions may be accessed directly only by the FBI and only for the purpose of conducting audits of the use and performance of the NICS, except that:

(i) Information in the NICS Audit Log, including information not yet destroyed under §5.9(b)(1)(iii), that indicates, either on its face or in conjunction with other information, a violation or potential violation of law or regulation, may be shared with appropriate authorities responsible for investigating, prosecuting, and/or enforcing such law or regulation; and

(ii) The NTNs and dates for allowed transactions may be shared with ATF in Individual FFL Audit Logs as specified in §25.9(b)(4).

(3) Limitation on use. The NICS, including the NICS Audit Log, may not be used by any Department, agency, officer, or employee of the United States to establish any system for the registration of firearms, firearm owners, or firearm transactions or dispositions, except with respect to persons prohibited from receiving a firearm by 18 U.S.C. 922(g) or (n) or by state law. The NICS Audit Log will be monitored and reviewed on a regular basis to detect any possible misuse of NICS data.

Source: http://www.ecfr.gov/cgi-bin/text-id...8ebaff02ea&mc=true&node=se28.1.25_19&rgn=div8

 

[alsaqr]

When NCIS background checks were instituted, I swear I recall that one of the conditions was that the info would be destroyed as soon as the check was finished, and the feds wouldn't keep any record of the event, to prevent a data-base of gun owners from being formed.

IMO: It's not from an NICS check. NCIS is another deal altogether: The Naval Criminal Investigative Service.

Did you ever apply for a federal job or have a security clearance?

i'm US Army retiree and a sometimes US government contractor with a security clearance: Got the same letter.

 

[TheVision]

Informing me that my personal information from a submitted background check had been compromised by a "malicious cyber intrusion" ...

Did you submit to a background check for government employment (i.e. not a firearm purchase) or something similar in the past two years? The OPM lost upwards of 21 million records, including social security numbers, in the most recent breach.

 

[Arkansas Paul]

Over 20 million people were compromised in the hack.

My brother's wife works for the VA and they got the letter.
My wife applied for a federal job about a year ago and we got a letter in the mail just yesterday.

IIRC they're sending out 21.5 million letters.

 

[Ryanxia]

Over 20 million people were compromised in the hack.

My brother's wife works for the VA and they got the letter.
My wife applied for a federal job about a year ago and we got a letter in the mail just yesterday.

IIRC they're sending out 21.5 million letters.

What he said, this has to do with OPM itself being breached. Several branches of government including shipyard workers were affected. Most probably don't even know yet. I would think they use the same NICS background check system from the FBI with their employees. This isn't from a form 4473 unless you want to block out your personal information and attach the actual letter?

 

[Old Dog]

I got the letter. My understanding is that one of the databases breached was TRICARE, so if you're entitled to TRICARE (military health care for active duty/retirees/family members/beneficiaries), your information was compromised.

NOTHING at all to do with NICS, the Nat'l Instant Check System.

 

[rbernie]

Did you submit to a background check for government employment (i.e. not a firearm purchase) or something similar in the past two years? The OPM lost upwards of 21 million records, including social security numbers, in the most recent breach.

Exactly so.

http://www.nbcnews.com/news/us-news/opm-data-breach-china-hits-back-u-s-over-federal-n370351

The Chinese just told nObama that it was not a government sponsored cyberattack but was a private criminal enterprise in China that stole the data. At least they were willing to admit in public that the attack originated from China.

http://www.zdnet.com/article/china-says-us-opm-breach-criminal-not-state-funded-attack/

A whole bunch of us just got screwed. The .gov's answer was to give me three years of ID theft notification. Gee, thanks. Of course, this has nothing to do with NICS, and everything to do with the OPM databases used to support the .mil and contractor security clearance process.

 

[CoalTrain49]

Does anyone know how many databases the federal gov't has? I would bet more than 1000.

The VA compromised information in 2006.

The most recent compromise ( that I know about) was by the dept. of state regarding passports.

http://travel.state.gov/content/pas...garding-compromised-personal-information.html

Seems to be a trend.

 

[Jeff White]

As interesting as this conversation is (I am also affected) it's not gun related and not on topic.

Reopened per conversation with the OP that it was in fact NICS (National Instant Check) information that was stolen. OP will elaborate.

 

[Turftech1]

I want to thank Jeff for re opening this. It was from an NICS check. I have not applied for any federal jobs, or federal benefits. I'm not with the VA, or anything like that, but I did do 5 NICS checks in the last 5 years. One for a concealed carry permit, and 4 for firearm purchases.

This makes me think it has to be firearm related.

Here's the letter, I have not included the heading with my personal info.
and PIN numbers.

 

[CoRoMo]

...I did do 5 NICS checks in the last 5 years. One for a concealed carry permit, and 4 for firearm purchases.

How long ago was the last BGC?

 

[Jeff White]

I can buy the idea of the government keeping an illegal database of gun owners derived from NICS checks. It's not like the technicality of something being illegal ever stopped the government from doing what it wanted. How it ended up in OPM has me confused.

 

[Turftech1]

How long ago was the last BGC?

Black Friday

Christmas gift for my boy.

 

[Salmoneye]

Had to copy the pic and blow it up in PhotoShop...

I can see nowhere that it says NICS...

In fact it states that "If you applied for a position"...

What am I missing?

 

[Turftech1]

Had to copy the pic and blow it up in PhotoShop...

I can see nowhere that it says NICS...

In fact it states that "If you applied for a position"...

What am I missing?

Well, it says from a background check, and I have never applied for a position or benefits or anything like that. That's what has me thinking it's got to be from either my CCW check, or one of my instant NICS checks.

 

[Arkansas Paul]

Black Friday

So you were a part of the 185,000+ people who contributed to the record breaking Black Friday.

Kudos to you sir.

 

[Jeff White]

Well CCW background checks go through the FBI which is part of the Department of Justice. DOJ also runs NICS.

I think perhaps you've already been a victim of identity theft and someone used your information to apply for a job or a security clearance or both.

There would be no other reason for OPM to have your information.

 

[M-Cameron]

you are not alone..... both me an a buddy got letters from the OPM.

i used to work in the defense industry, so im assuming thats where my info came from....

went through and signed up for the ID monitoring service they offered......hopefully ill never have to use it.

 

[Tony k]

I think perhaps you've already been a victim of identity theft and someone used your information to apply for a job or a security clearance or both.

that's what I was thinking too.

My information has been compromised three times by .gov.

VA data breach (I'm a Vet)
Stolen federal employee credit card info (I'm a federal employee)
Latest Chinese hack

The most likely reason OPM would have your stuff is if someone used your identity to apply for a job or benefits. I woud't be surprised if someone wasn't using your name to get welfare. Use the identity theft protection they gave you to track down the source if you can,

 

[garymc]

My wife, retired from federal employment in 2006, received the identical letter recently. She has never bought a gun. We have a second home, where she has never lived, and that was the address to which the letter was sent.

 

[dogmush]

Do you have a friend or family member that works for the government?

The other common way to get on OPM's list is to be listed as a contact on someone else's SF 86 for a clearance. It would have your name, address, phone and sometimes SSN as part of the background check. If they didn't contact you for an interview you might not even know, although it's polite to let someone know before you put their name on your application.

IMO that letter has nothing to do with the NICS system. I got the same one because of my clearance.

 

[jhop73]

My notice stated my fingerprints were compromised too, the only time i have been fingerprinted with a federal BGC was last year as a contractor for the VA.

 

[rbernie]

Something to keep in mind is that the data stolen was not just from those people with active or prior government service or security clearances, but included family members of someone who falls into those categories.

 

[Twiki357]

I can’t believe that it was the result of an NICS check for a gun purchase. There are hundreds of ways your information could have gotten into the OPM data base. A couple of the possibilities are: -An applicant for a government job used you as a reference. -You applied for or worked for a company with a government contract. This could go all the way from defense contractors to janitors who clean government offices. There are many different levels of background checks for many different reasons and some that you will never know happened.

I personally have not received one of those letters even though I worked for the government for 17 years and had a top secret clearance. I retired in 2002 so I don’t know if there may be a time frame for the compromised info.