It was first reported the cyber breach affected 4.2 million former and current federal employees. Since then, the number has been increased to 18 million former and current federal employees and that number is expected to grow. China is believed to be behind the data breach. Their response to the allegations was: prove it!
The House Committee on Oversight and Government Reform held a hearing recently on the data breach. During that hearing they questioned employees from the U.S. Office of Personnel Management (OPM) and at times drilled them on their irresponsible actions of not protecting the system.This is the information that was discovered:
– Data breached could date as far back as 1985
Do you think the 2nd Amendment will be destroyed by the Biden Administration?(2)
– State sponsored and non-state sponsored hackers are very aggressive, well-funded and persistant
– The OPM made a conscious decision to ignore repeated warnings from the Inspector General
– The Department of Homeland Security believes data was removed from the network– The OPM was supposed to encrypt data such as Social Security numbers and they did not do so
One of the most outspoken critics of the data hack is Congressman Ron DeSantis (FL-R). DeSantis is the Chairman of the Subcommittee on National Security and he issued the following statement:
The hacking of the personnel records of millions of federal employees – including those in military and intelligence positions – represents an unmitigated disaster for U.S. national security. The witnesses before the House Oversight Committee raised more questions than they answered with their testimony. Our adversaries now have access to copious amounts of personnel data that can be used to harm U.S. interests. The administration seems to have no plan to either respond to or mitigate the damage from this cyberattack.
Below is Congressman Jason Chaffetz (UT-R), Chairman of the House Committee on Oversight and Government Reform scolding the Director of U.S. Office of Personnel Management, Katherine Achuleta for not properly protecting the data.