Hearing Wrap Up – OPM: Data Breach Full Committee Meeting

The following press release was published by the House Committee on Oversight and Reform on June 16, 2015. It is reproduced in full below.

Witnesses:

Ms. Katherine Archuleta, Director, U.S. Office of Personnel Management

Ms. Donna K. Seymour, Chief Information Officer, U.S. Office of Personnel Management

Dr. Andy Ozment, Assistant Secretary, Office of Cybersecurity and Communications, U.S. Department of Homeland Security

Mr. Tony Scott, U.S. Chief Information Officer, U.S. Office of Management and Budget

Ms. Sylvia Burns, Chief Information Officer, U.S. Department of the Interior

Mr. Michael R. Esser, Assistant Inspector General for Audits, U.S. Office of Personnel Management

TAKEAWAYS:

* State-sponsored and non-state-sponsored hackers are aggressive, motivated, persistent and well-funded in their attempts to breach government and commercial systems.

* For the breach at OPM, 4.2M individuals will be informed that their information has been compromised, and that the information taken, including data related to security clearances, could date as far back as 1985.

* However, the total number of those affected is still unknown. During the hearing, Director Archuleta indicated that, “any federal employee from across all branches of government, whose organization submitted service history records to OPM, may have been compromised.”

* OPM made a conscious decision to ignore repeated warnings from the Inspector General.

* DHS confirmed that it is a “high probability that data was removed from the network.”

* While OPM had the responsibility for encrypting data like Social Security numbers, they failed to do so.

PURPOSE:

* To provide Members an opportunity to gain information on the nature and extent of the recent U.S. Office of Personnel Management (OPM) data breach.

* To discuss federal agency compliance with the Federal Information Security Management Act (FISMA).

BACKGROUND:

* On June 4th, OPM announced a data breach and its plan to notify approximately 4 million individuals whose personally identifiable information (PII) may have been compromised. OPM’s data center is housed by the U.S. Department of the Interior.

* The full extent of the data breach, including who was affected and what information was accessed, is still unknown.

* The data may have been unencrypted, making employee information immediately usable if extracted.

Key Videos:

Chaffetz:

“You failed, utterly and totally”

Mulvaney:

“That’s what frightens me, Ms. Archuleta, that this is the best of your ability”

Russell:

“‘We did not encrypt because we thought they might be able to decipher.’ That is just baffling to me”

Source: House Committee on Oversight and Reform
