Submission + - Federal Goverment Employees retirement plan victim of 'cyber attack' (tsp.gov) 1
An anonymous reader writes: Participants in the Thrift Savings Plan, the 401k-like retirement savings plan for U.S. Federal Government Employees, were informed of a confirmed hacking incident that resulted in unauthorized access to the personal information of 123,201 TSP participants and payees. The incident occurred in July of 2011, when a computer belonging to Serco, a third party service provider used in support of the TSP, was subjected to a "sophisticated hacking incident" resulting in unauthorized access. The FBI informed FRTIB (the Federal Retirement Thrift Investment Board) and Serco of this incident in April 2012.
The 'plan news update' has an FAQ detailing the incident, and the full press release can be found in a PDF here. Affected parties have been notified, and appropriate measures including "credit consultation and continuous credit monitoring" via a third party for one year.
Considering the press release indicates data accessed includes "Names, addresses, and Social Security numbers... in some cases... financial account numbers and routing numbers... and some TSP related informaiton..." is this response sufficient? What more could or should be done?