Hacked OPM won't cough up documents on mega-breach – claim
Sure, NOW they figure out how to hide their records…
The US Office of Personnel Management (OPM) – which handles sensitive files on millions of government workers and was thoroughly ransacked by hackers – is withholding thousands of documents from Congress, which is probing the cyber-attack.
This is according to members of the House Committee on Oversight, who took OPM to task for what the panel calls an unwillingness on the part of the agency to provide it with information related to last year's devastating IT security breach.
In mid-2015 it emerged that personal records – including highly sensitive paperwork for national security background checks – for more than 21 million current and former government employees fell into the hands of state-sponsored hackers, who had been enjoying access to the OPM's databases as far back as 2013.
"We are not able to have access to these documents," said committee chairman Jason Chaffetz (R-UT).
"They were stolen, the adversaries have them, but you won't allow us to look at them and have them in our possession."
Jason Levine, director of the OPM office for Congressional, Legislative and Intergovernmental Affairs, said his agency had "made every effort" to answer requests from Congress related to the investigation.
"OPM has worked as quickly as its infrastructure and resources allow," Levine told the committee.
"To be responsive to congressional requests, OPM has taken numerous steps to increase its previously limited capacity to respond to congressional inquiries of a large volume and sensitive nature."
The representatives, however, told a different story. According to committee members, more than 11,000 files related to the network breach have are being withheld, or have been destroyed by OPM.
Rather, said Chaffetz, the committee has had to obtain the documents from security contractor CyTech, who has been working with OPM on the investigation.
"There is no excuse from withholding that information from Congress, it's in your systems, and we know it because we are looking at hard copies, and we are checking to see if you give it to us as well," Chaffetz told Levine.
"OPM, we are going to bring them up here, and we are going to get to the truth of this." ®
Sponsored: Global DDoS threat landscape report