06.15.15

‘Democrats Block Cyber Bill’

Days After Revelation Of ‘Remarkable’ Cyber Attack On The United States Office Of Personnel Management

 

‘The Breach Of OPM Data Is Considered To Be The Largest Cyberattack In U.S. History’

“A major union says the cyber theft of employee information is more damaging than it first appeared, asserting that hackers stole personnel data and Social Security numbers for 4 million current and former federal workers.” (“Union Says All Federal Workers Fell Victim To Hackers,” Associated Press, 6/12/15)

• “The breach of OPM data is considered to be the largest cyberattack in U.S. history” (“Union Says Hackers Have Data On Every Federal Employee,” CNBC, 6/12/15)

• “The massive hack into federal systems announced last week was far deeper and potentially more problematic than publicly acknowledged, with hackers believed to be from China moving through government databases undetected for more than a year, sources briefed on the matter told ABC News. (“OPM Hack Far Deeper Than Publicly Acknowledged, Went Undetected For More Than A Year, Sources Say,” ABC, 6/11/15)

• “The scope of the breach is remarkable, experts say, because the personnel office apparently learned little from earlier government data breaches like the WikiLeaks case and the surveillance revelations by Edward J. Snowden, both of which involved unencrypted data.” (“Hackers May Have Obtained Names of Chinese With Ties to U.S. Government,” New York Times, 6/10/15)

“But J. David Cox, president of the American Federation of Government Employees, said in a letter Thursday to OPM director Katherine Archuleta that based on incomplete information OPM provided to the union, ‘we believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to 1 million former federal employees.’” (“Union Says All Federal Workers Fell Victim To Hackers,” Associated Press, 6/12/15)

• “The union believes the hackers stole military records and veterans’ status information, address, birth date, job and pay history, health insurance, life insurance, and pension information; and age, gender and race data, he said.” (“Union Says All Federal Workers Fell Victim To Hackers,” Associated Press, 6/12/15)

“Investigators were surprised to find that the personnel office, which had already been so heavily criticized for lax security that its inspector general wanted parts of the system shut down, did not encrypt any of the most sensitive data.” (“Hackers May Have Obtained Names of Chinese With Ties to U.S. Government,” New York Times, 6/10/15)

• “We believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous,” Cox said in the letter.” (“Union Says All Federal Workers Fell Victim To Hackers,” Associated Press, 6/12/15)

“In classified briefings to members of Congress in recent days, intelligence officials have described what appears to be a systematic Chinese effort to build databases that explain the inner workings of the United States government… information that Beijing could use for blackmail or retaliation.” (“Hackers May Have Obtained Names of Chinese With Ties to U.S. Government,” New York Times, 6/10/15)

 

Second ‘Hacking Attack … Gained Access To Forms Filled Out By Those Seeking Security Clearances’

“A second cyberattack on the federal government has been discovered that could have accessed investigations for security clearances and other job background checks, an administration official said Friday…” (“Second Cyberattack On US May Have Exposed Security Information,” MSNBC, 6/12/15)

“Hackers who raided the government’s personnel office had access to the secret background investigations that the U.S. government conducted on current and former employees, senior administration officials said Friday—an ominous development in the recent theft of federal data, one of the largest in history.” (“Security-Clearance Information Likely Stolen During Breach Of Government Agency,” Wall Street Journal, 6/12/15)

• “The hacking attack on the federal government’s personnel department gained access to forms filled out by those seeking security clearances to perform sensitive government jobs. The form, known as an (SF) 86 background check document, is a 127-page form that includes details about highly personal information, including foreign travel (page 4), any mental health conditions (page 84), police record (page 86), history of drug use (page 93), or bankruptcy filings (page 106).” (“Security-Clearance Information Likely Stolen During Breach Of Government Agency,” Wall Street Journal, 6/12/15)

“Hackers linked to China have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, U.S. officials said Friday, describing a cyberbreach of federal records dramatically worse than first acknowledged.” (“Officials: Second Hack Exposed Military And Intel Data,” AP, 6/12/15)

• “The newer estimate puts the number of compromised records between 9 million and 14 million going back to the 1980s, said one congressional official and one former U.S. official... There are about 2.6 million executive branch civilians, so the majority of the records exposed relate to former employees.” (“Officials: Second Hack Exposed Military And Intel Data,” AP, 6/12/15)

“Nearly all of the millions of security clearance holders, including some CIA, National Security Agency and military special operations personnel, are potentially exposed in the security clearance breach, the officials said. More than 4 million people had been investigated for a security clearance as of October 2014, according to government records.” (“Officials: Second Hack Exposed Military And Intel Data,” Associated Press, 6/12/15)

 

‘Democrats Block … Cybersecurity Legislation’

POLITICO: ‘Democrats Block Cyber Bill, Leaving Measure In Limbo’

• “Democrats made good on their threats to block a bipartisan cybersecurity bill on Thursday…The partisan blowup marked a stunning turn for legislation that’s enjoyed broad support.” (“Democrats Block Cyber Bill, Leaving Measure In Limbo,” Politico, 6/11/15)

THE HILL: ‘Senate Democrats Block Cyber Amendment’

• “Senate Democrats on Thursday blocked Republicans from linking a cybersecurity amendment to a defense bill.” (“Senate Democrats Block Cyber Amendment,” The Hill, 6/11/15)

USA TODAY: ‘Democrats Block Effort To Attach Cybersecurity Legislation To Defense Bill’

• “The legislative impasse occurred as the Associated Press reported that the massive attack on the Office of Personnel Management had compromised the Social Security numbers of every federal employee, according to a government workers' union.” (“Democrats Block Effort To Attach Cybersecurity Legislation To Defense Bill,” USA Today, 6/11/15)

BLOOMBERG: ‘U.S. Senate Democrats Block Cybersecurity Liability Measure’

• “The intelligence committee in March approved the legislation, 14-1. Banks, technology and retail trade groups that support the measure say it assures companies exchanging data about hacking attacks won’t be sued by customers or accused of violating antitrust laws…Obama, company executives and cybersecurity specialists have seized on recent high-profile hacking attacks to bolster their case for legislation.” (“U.S. Senate Democrats Block Cybersecurity Liability Measure,” Bloomberg, 6/11/15)

 

###
SENATE REPUBLICAN COMMUNICATIONS CENTER

Related Issues: Cybersecurity, NDAA

• Print
• Email
• Tweet