The OPM hack continues creating havoc as reported on the Nextgov website. They have a story titled “Ransomware Emails Use OPM Breach To Lure Victims” ( This is a “must read” story for the countless current and former federal employees whose personal information was hacked in the breach. And, as the story emphasizes, the alert is important for even non-current or former federal employees as the personal information of family members and others might have also been obtained by the hackers.

Emails from hackers were sent out on Tuesday, November 8th. Anyone receiving an email that is allegedly from an OPM “account manager” must delete it ASAP! The email, per the Nextgov article, says that there’s been “suspicious movements” in the email recipients account. The email has an attachment that it says the recipients should open to learn about these allegedly suspicious activities.

Do not open it! The attachment has malware that will lock and then encrypt the recipients’ computer until and unless they pay a ransom.

The scheme was uncovered by the firm PhishMe; Brendan Griffin, a PhishMe Malware Analyst, told Nextgov that the ransomware email was likely sent to millions of individuals. How to tell if the email is part of this ransomware scheme? As the Nextgov article highlights, the email contains typos and poor grammar.

So — again — be very careful if you got one of these emails — and be aware of any similar schemes in future emails that appear to be from OPM.