Multiple Lawmakers Possibly Compromised by OPM Hack

At least two lawmakers received have received notices that their personal data may now be in the hands of hackers believed to be working for China.

NEW YORK, NY - NOVEMBER 10: Network cables are plugged in a server room on November 10, 2014 in New York City. U.S. President Barack Obama called on the Federal Communications Commission to implement a strict policy of net neutrality and to oppose content providers in restricting bandwith to customers.
National Journal
Dustin Volz
Add to Briefcase
See more stories about...
Dustin Volz
June 18, 2015, 4:40 a.m.

At least two law­makers have re­ceived no­ti­fic­a­tions from the Of­fice of Per­son­nel Man­age­ment in­form­ing them that their per­son­al data may have been stolen by for­eign hack­ers, mark­ing the latest ex­pan­sion of a massive data breach that ex­posed the in­form­a­tion of mil­lions of cur­rent and former fed­er­al em­ploy­ees.

Sen. Susan Collins and Rep. Bar­bara Com­stock re­ceived let­ters on Wed­nes­day from OPM alert­ing them that their So­cial Se­cur­ity num­bers, places of birth, ad­dresses, and oth­er in­form­a­tion could now be in the hands of hack­ers be­lieved to be af­fil­i­ated with China. It was not im­me­di­ately clear how many oth­er mem­bers of Con­gress could also be vul­ner­able, as both Collins and Com­stock were fed­er­al em­ploy­ees be­fore be­com­ing elec­ted of­fi­cials, which may be the reas­on their data is im­plic­ated.

“You are re­ceiv­ing this no­ti­fic­a­tion be­cause we have de­term­ined that the data com­prom­ised in this in­cid­ent may have in­cluded your per­son­al in­form­a­tion,” the let­ter, which Collins pos­ted on Twit­ter, reads.

Com­stock also con­firmed late Wed­nes­day that she had re­ceived sim­il­ar no­ti­fic­a­tion.

“I and many of my con­stitu­ents have already been sent let­ters alert­ing us to this breach of our per­son­al in­form­a­tion that has been ‘com­prom­ised,’” Com­stock wrote in a re­sponse to OPM seek­ing ad­di­tion­al in­form­a­tion about the hack. “As you know, these cy­berthieves stole per­son­al data such as So­cial Se­cur­ity num­bers, as well as back­ground in­vest­ig­a­tions on fed­er­al em­ploy­ees, con­tract­ors, and ap­plic­ants.”

It ap­pears un­likely that most mem­bers of Con­gress have also had per­son­al data hacked, as both Collins and Com­stock may only be af­fected due to their pri­or jobs in gov­ern­ment. In nor­mal prac­tice, OPM would likely not hold in­form­a­tion on elec­ted of­fi­cials.

Collins, who serves on the Sen­ate In­tel­li­gence Com­mit­tee, was ap­poin­ted to the Small Busi­ness Ad­min­is­tra­tion be­fore she was elec­ted to the up­per cham­ber in 1996.

Jeff Marschner, Com­stock’s deputy chief of staff, said that the Vir­gin­ia Re­pub­lic­an was em­ployed as a Hill staffer in the 1990s and also worked for the Justice De­part­ment un­der former Pres­id­ent George W. Bush so “it could be either of the two em­ploy­ments” that led to her data be­ing stored at OPM and sub­sequently ac­cessed by hack­ers.

The real­iz­a­tion that mem­bers of Con­gress are not im­mune to the OPM hack ar­rives on the heels of sim­il­ar no­ti­fic­a­tions sent out to House and Sen­ate staffers late Tues­day that their per­son­nel re­cords, too, are among the mil­lions be­lieved com­prom­ised in the ma­jor in­tru­sion, which in­vest­ig­at­ors be­lieve began last year and was first de­tec­ted in April.

Earli­er this month, OPM an­nounced it be­lieved ap­prox­im­ately 4.2 mil­lion former and cur­rent fed­er­al em­ploy­ees had their per­son­ally iden­ti­fi­able in­form­a­tion ex­posed in the hack. But the scope and scale of the cy­ber­at­tack has grown since, and many law­makers and cy­ber­se­cur­ity ex­perts now be­lieve the amount of in­di­vidu­als af­fected could be far high­er — per­haps total­ing as much as 14 mil­lion. It was ad­di­tion­ally re­vealed last week that deeply sens­it­ive se­cur­ity-clear­ance in­form­a­tion for mil­it­ary and in­tel­li­gence per­son­nel was also breached.

At least three mem­bers of Con­gress — House Over­sight Chair­man Jason Chaf­fetz and Demo­crat­ic Reps. Ted Lieu and Jim Langev­in — have called for the resig­na­tions of OPM Dir­ect­or Kath­er­ine Archu­leta in ad­di­tion to Donna Sey­mour, the agency’s chief in­form­a­tion of­ficer. But des­pite the mount­ing pres­sure, the ad­min­is­tra­tion has signaled it has little in­terest in mak­ing heads roll.

“The pres­id­ent does have con­fid­ence that [Archu­leta] is the right per­son for the job,” White House press sec­ret­ary Josh Earn­est said Wed­nes­day.

What We're Following See More »
Ohio Democrats File Gerrymandering Suit
55 minutes ago

Ohio Democratic voters have filed suit against Ohio Governor John Kasich and other Republican state officials over alleged partisan gerrymandering in Ohio's electoral map. Despite capturing between 51 and 59 percent of the statewide vote in the past three elections, Republicans hold three-quarters of state congressional seats. "The U.S. Supreme Court is due by the end of June to issue major rulings in two partisan gerrymandering cases from Wisconsin and Maryland that could affect the Ohio suit."

Iran May Have Restarted Missile Program
2 hours ago

An Iranian missile scientist, killed in a strike in 2011 along with his research center, oversaw the development of a secret, second facility in the remote Iranian desert that ... is operating to this day," according to a team of California weapons experts. "For weeks, the researchers picked through satellite photos of the facility. They found, they say, that work on the site now appears to focus on advanced rocket engines and rocket fuel, and is often conducted under cover of night."

Trump Signs Security Clearance Reform into Law
2 hours ago

"President Trump signed a bill Tuesday aimed at reducing the backlog of security clearance investigations — but later reserved the right not to comply with it on constitutional grounds. In a signing statement Tuesday night, Trump said provisions of the bill — the Securely Expediting Clearances Through Reporting Transparency Act of 2018, or SECRET Act — encroach on his authority as commander-in-chief."

FBI Exaggerated Encryption Threat
3 hours ago

"The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year internal estimate put the correct number of locked phones at 1,200." The FBI has maintained that the spread of encrypted software "can block investigators’ access to digital data even with a court order," whereas civil liberties advocates "argue that encryption prevents crime by protecting people’s data from hackers." One year before the larger estimate was made, "the FBI had claimed the figure was 880."

House Passes Right to Try Bill
5 hours ago

Welcome to National Journal!

You are currently accessing National Journal from IP access. Please login to access this feature. If you have any questions, please contact your Dedicated Advisor.