OPM Slow-Rolls How Bad The Hack of Millions of Employee Records
Anonymous Reader: "I am sure "hacked off" over our government being so vulnerable in our own computers being under constant threats of being hacked." |
The House reconvened at 10 AM.
Bills expected to be considered today:
H.R. 2822 - "Making appropriations for the Department of the Interior, environment, and related agencies for the fiscal year ending September 30, 2016."
H.R. 2042 - "To allow for judicial review of any final rule addressing carbon dioxide emissions from existing fossil fuel-fired electric utility generating units before requiring compliance with such rule, and to allow States to protect households and businesses from significant adverse effects on electricity ratepayers or reliability; and providing for proceedings during the period from June 26, 2015, through July 6, 2015."
Yesterday the House passed:
H.R. 1190 (244 - 154) — "To repeal the provisions of the Patient Protection and Affordable Care Act providing for the Independent Payment Advisory Board." Aka: Protecting Seniors’ Access to Medicare Act which repeals ObamaCare’s Independent Payment Advisory Board (IPAB).
H.R. 1633 (Voice Vote) — "To provide for certain improvements relating to the tracking and reporting of employees of the Department of Homeland Security placed on administrative leave, or any other type of paid non-duty status without charge to leave, for personnel matters, and for other purposes."
H.R. 1637 (Voice Vote) — "To require annual reports on the activities and accomplishments of federally funded research and development centers within the Department of Homeland Security, and for other purposes."
H.R. 1640 (Voice Vote) — "To direct the Secretary of Homeland Security to submit to Congress a report on the Department of Homeland Security headquarters consolidation project in the National Capital Region, and for other purposes."
H.R. 1646 (Voice Vote) — "To require the Secretary of Homeland Security to research how small and medium sized unmanned aerial systems could be used in an attack, how to prevent or mitigate the effects of such an attack, and for other purposes."
H.R. 1698 (Voice Vote) — "To amend design and content requirements for certain gold and silver coins, and for other purposes."
H.R. 2390 (Voice Vote) — "To require a review of university-based centers for homeland security, and for other purposes."
H.R. 2576 (398-1) — "To modernize the Toxic Substances Control Act, and for other purposes."
H.R. 2620 (Voice Vote) — "To amend the United States Cotton Futures Act to exclude certain cotton futures contracts from coverage under such Act."
H.R. 805 (378-25) — "To prohibit the National Telecommunications and Information Administration from relinquishing responsibility over the Internet domain name system until the Comptroller General of the United States submits to Congress a report on the role of the NTIA with respect to such system."
H.R. 893 (Voice Vote) — "To require the Secretary of the Treasury to mint coins in commemoration of the centennial of Boys Town, and for other purposes."
The Senate reconvened at 9:30 AM today and resumed consideration of H.R. 2146, the vehicle for Trade Promotion Authority.
At 4 PM, the Senate will vote on the motion to concur in the House amendment to the Senate amendment to H.R. 2146 (i.e. to pass TPA). The Senate will then vote on cloture the motion to concur in the House amendment to H.R. 1295, the bill containing the reauthorization of the Trade Adjustment Assistance program and trade preferences for countries in Africa. If cloture is invoked, the Senate will vote on the motion to concur in the House amendment to H.R. 1295, which would send the bill to the president. Following those votes, the Senate will vote on cloture on the motion to go to conference will the House on H.R. 644, the customs bill. If cloture is invoked, senators will then vote on motion to go to conference.
Yesterday, the Senate voted 60-37 to invoke cloture (end debate and move towards a final vote) on the motion to concur in the House amendment to the Senate amendment to H.R. 2146.
News on Hacked OPM employee records:
In a stunning report today, The Wall Street Journal writes, “Obama administration officials defined the hack of Office of Personnel Management employee documents as two distinct breaches, a decision that allowed officials to initially deny millions of the government’s most sensitive employee security records had been stolen, according to officials familiar with the matter. . . . The administration disclosed the breach of personnel files on June 4 but not the security clearance theft, contrary to what investigators probing the theft already knew. . . .
“Even before OPM announced it had been hacked, officials at the office denied to The Wall Street Journal that security clearance forms were taken. A day after the public announcement, they denied it again, with an OPM spokesman saying there was ‘no evidence to suggest that information other than what is normally found in a personnel file has been exposed.’ Yet by that time, the FBI already knew—and told OPM—security clearance forms had in fact been accessed, . . .
“Officials familiar with the behind the scene discussions say OPM’s denials were based on a peculiar interpretation of what had happened at the agency. Officials at the White House and OPM agreed to handle the OPM problem as at least two separate breaches—one of the personnel files, and one of the security clearance forms, these officials said.
“That had major implications for the initial description of damage. Rather than saying the hack implicated the private details of an estimated 18 million people—and potentially millions more if you count the relatives and close friends listed on the security clearance forms—the agency said about four million people were potentially affected.
“The FBI, which is investigating the OPM hack, didn’t define it the same way. When responding to computer attacks on companies or government agencies, the FBI leaves it to the victim agency to say publicly and to its employees what was taken. In the case of the OPM hack, however, FBI officials, including the director, James Comey, also had to speak to lawmakers about the incident, and he didn’t discuss the incident in the ‘two breaches’ terms that OPM used, according to people familiar with the matter.”
Speaking to NPR, former NSA official John Schindler said, “[Y]ou know, OPM has sort of slow-rolled how bad this really is. And what has been compromised includes security clearance information, background investigation information for millions of past and present employees across the U.S. government, including the Pentagon and the intelligence community. This is really, really bad.”
Schindler added, “I think the horrible truth that's come out is OPM - the Office of Personnel Management - was warned repeatedly in inspector general reports to get serious about cybersecurity. They failed to do so, even though the threat was very real and rising . . . . [W]e cannot undo this damage. What is done is done and it will take decades to fix. We owe this to federal government employees and military members and we owe this to the American public. And we got to start right now, but the first step is admitting how bad it really is.”
This morning, Senate Majority Leader Mitch McConnell vented his frustration at the Obama administration’s handling of this massive breach. “To call this alarming would be quite an understatement.
“So when the head of the agency that allowed that big breach to happen testified before a Senate committee yesterday, you think she would've come with a detailed action plan. You think she would've announced that heads were rolling. You'd think she'd have said this could never, ever be allowed to happen again under her watch.
“That’s what the American people expect when a breach happens in the private sector and information is stolen. Why shouldn’t they expect as much from the public sector too?
“But what did we hear instead? World-class buck-passing. A complete lack of accountability and urgency. The tired and predictable excuse that the absence of leadership can be solved by throwing a few more dollars at a problem.”
Senate Republicans have begun hearings to hold the administration accountable for this breach and get an explanation of what happened. Yesterday, Sen. John Boozman (R-AR), chair of the Appropriations Committee’s Financial Services and General Government Subcommittee held a hearing with OPM officials. Sen. Boozman said, “The massive breach of OPM systems may have been the most devastating cyber-attack in our nation’s history. … The American people have lost faith in their institutions. The last thing they will do is trust Washington to solve a problem when it can't even protect the personal information of those it employs. There needs to be a dramatic change in the status quo.”
Tomorrow, Homeland Security and Government Affairs Committee Chairman Ron Johnson (R-WI) will hold a hearing on the breach. Sen. Johnson said, “The Obama administration must better protect the data that Americans entrust to it… The administration must immediately implement better protection for all data it keeps. It must determine who did this and exactly what was stolen. And it must conduct a swift and proper response against the perpetrators.”
Editors of The Wall Street Journal have a good summation of the seriousness of this breach, which appears to be even more so with each passing day. “If you thought Edward Snowden damaged U.S. security, evidence is building that the hack of federal Office of Personnel Management (OPM) files may be even worse. . . . [T]he hackers appear to have made off with millions of security-clearance background check files. . .
“This means the Chinese now possess sensitive information on everyone from current cabinet officials to U.S. spies. Background checks are specifically done to report personal histories that might put federal employees at risk for blackmail. The Chinese now hold a blackmail instruction manual for millions of targets.
“These background checks are also a treasure trove of names, containing sensitive information on an applicant’s spouse, children, extended family, friends, neighbors, employers, landlords. Each of those people is also now a target, and in ways they may not contemplate. . . .
“This is a failure of extraordinary proportions, yet even Congress doesn’t know its extent. The Administration is still refusing to say, even in classified briefings, which systems were compromised, which files were taken, or how much data was at risk. . . . Yet OPM director Katherine Archuleta and chief information officer Donna Seymour are still on the job. Mr. Obama has defended Ms. Archuleta . . . . Ms. Archuleta appears before Congress this week, and she ought to remain seated until she explains the extent of this breach.”
Tags: OPM, Employee Records, Hacked, Today in Congress To share or post to your site, click on "Post Link". Please mention / link to the ARRA News Service. and "Like" Facebook Page - Thanks!
0 Comments:
Post a Comment
<< Home