The Federal Retirement Thrift Investment Board sent letters on Friday to everyone whose information was in the affected files. The agency said it is unclear whether any of the data was used but that it is conducting a systemwide review of its security standards.
The Sergeant at Arms notified Senate staff of the hack on Friday.
The House passed legislation to promote cybersecurity efforts last month. The Senate is considering its own bill, but Republicans and Democrats disagree over whether to require companies to meet minimum cybersecurity standards.