Standard News

Hide Advertisement
  • Business
  • Culture
  • News
  • Technology
  • Trending
Site logo
ADVERTISEMENT
ADVERTISEMENT
News

U.S. personnel management hack preventable, congressional probe finds

By Reuters 2 min read
A lock icon, signifying an encrypted Internet connection, is seen on an Internet Explorer browser in Paris

By Dustin Volz

WASHINGTON (Reuters) – The U.S. Office of Personnel Management (OPM) did not follow rudimentary cyber security recommendations that could have mitigated or even prevented major attacks that compromised sensitive data belonging to more than 22 million people, a congressional investigation being released on Wednesday has found.

Advertisement

Two breaches at the federal agency detected in 2014 and 2015 were made worse by lax security culture and ineffective leadership, which failed to harness available tools that could have stopped or limited the intrusions, according to the report from the Republicans on the U.S. House of Representatives’ Committee on Oversight and Government Reform, a copy of which was seen by Reuters.

“The OPM data breach and the resulting generational national security consequences cannot happen again,” said Republican Representative Jason Chaffetz, the committee’s chairman, in the report.

The investigation faulted OPM – which manages employment matters for the federal government, including background checks for most agencies – for not moving more quickly to address early signs of an attack, allowing hackers to later siphon off reams of personnel data.

It also said OPM ignored repeated inspector general reports dating back to 2005 that warned of cyber security shortcomings.

Representative Elijah Cummings, the top Democrat on the oversight panel, rejected the report’s findings in a memo to other Democrats. He claimed the report had factual deficiencies and did not account for mistakes made by federal contractors.

U.S. intelligence officials have linked the Chinese government to both OPM breaches, an accusation Beijing has denied.

Though the Republican report credits OPM with improving its cyber security over the past year, it also includes suggestions for the federal government to address vulnerabilities.

They include longer retention of qualified chief information officers, reduction of the use of social security numbers, and a “zero trust model” of information security that enforces strict controls on what data users inside a network can access.

In a blog post set to be published on Wednesday, Beth Cobert, acting director of OPM, said she disagreed with aspects of the congressional investigation, which “does not fully reflect where this agency stands today.”

OPM has achieved “significant progress” over the past year to improve cyber security, Cobert said, including requirements for multi-factor authentication, modernized information technology infrastructure, a new senior cyber security adviser, and the formation of a new organization responsible for background checks on employees and contractors, she said in the blog post, a copy of which was seen by Reuters before publication.

That new entity, the National Background Investigations Bureau, is intended to replace OPM’s Federal Investigative Services. It will have its information systems handled by the Pentagon and is expected to be operational by Oct. 1.

(Reporting by Dustin Volz; Editing by Bill Rigby)

tagreuters.com2016binary_LYNXNPEC86056-VIEWIMAGE

Advertisement - Continue reading below

U.S. investigators seek motive for NY, NJ weekend attacks
News
Reuters 3 min read

U.S. investigators seek motive for NY, NJ weekend attacks

CEOs: We Have A Reputation Problem
Business
Jason Owen 5 min read

CEOs: We Have A Reputation Problem

Rare Footage From Nevada Water Park Will Hit You With The Nostalgia Feels
Trending
David Clarke 3 min read

Rare Footage From Nevada Water Park Will Hit You With The Nostalgia Feels

Justice Dept. reviewing Supreme Court immigration decision: Lynch
News
Reuters 3 min read

Justice Dept. reviewing Supreme Court immigration decision: Lynch

United Airlines flight diverted after unspecified security concern
News
Reuters 1 min read

United Airlines flight diverted after unspecified security concern

Former Illinois congressman requests to plead guilty in tax case
News
Reuters 2 min read

Former Illinois congressman requests to plead guilty in tax case

Clinton urges U.S. Congress to reconvene, pass Zika bill
News
Reuters 3 min read

Clinton urges U.S. Congress to reconvene, pass Zika bill

CAIR Decries Trump Administration’s ‘Deafening Silence’ on Series of Anti-Muslim Incidents Nationwide
News
Jason Owen 5 min read

CAIR Decries Trump Administration’s ‘Deafening Silence’ on Series of Anti-Muslim Incidents Nationwide

Family will not sue Cincinnati zoo over child-gorilla incident
News
Reuters 2 min read

Family will not sue Cincinnati zoo over child-gorilla incident

New York to probe Mylan EpiPen contracts for schools
News
Reuters 1 min read

New York to probe Mylan EpiPen contracts for schools

load more Loading posts...

sidebar

ADVERTISEMENT
ADVERTISEMENT

sidebar-alt

  • About Us
  • Imprint
  • Contact Us
  • Terms of Service
  • Privacy Policy