However, the personal information doesn't appear to be the three employees' main target. Instead, investigators say that the employees were working on a knockoff version of the agency's proprietary case management software, which they intended to market and sell to other federal offices. The stolen data was likely going to be used to help them develop and test the software. In a report sent to Congress, the office of the inspector general said it had, "seized all known servers and other devices potentially containing exfiltrated data in the possession of the subjects."
According to the New York Times, one of the suspects has left the inspector general's office while the other two have been suspended as the investigation continues. And USA Today reports that the employees affected by the data breach will be offered an 18-month credit monitoring subscription.
Other government agencies that have been impacted by data breaches in recent years include the Securities and Exchange Commission, the federal government's Office of Personnel Management, the Internal Revenue Service and the Office of the Comptroller of the Currency (OCC). Like this breach, the OCC's data was also taken by an employee.
The inspector general's office has been updating congressional committees about the breach since it was first discovered. The DHS and the US attorney's office for the District of Columbia are both investigating the breach.