OPM to House: Progress on ID'ing hackers

OPM to House: Progress on ID'ing hackers
© Thinkstock

The Obama administration has “made a lot of progress on the attribution front” in the massive digital theft of 4 million federal workers’ records, Rep. Adam SchiffAdam Bennett SchiffGraham: Senate trial 'must expose the whistleblower' Graham says Schiff should be a witness in Trump impeachment trial Democrats seize on new evidence in first public impeachment hearing MORE (D-Calif.) told reporters after meeting with officials Tuesday night.

However, Schiff warned that “the scope of the exposure” and “the extent of the damage” were still being investigated.


“I don’t think we can say with any kind of certainty that anyone is beyond impact here,” he said.

The Office of Personnel Management revealed the breach last week, considered to be the worst hack of government data ever.

Tuesday night, OPM Chief Information Officer Donna Seymour briefed the House Intelligence Committee on the cyberattack. She was joined by officials from the Office of the Director of National Intelligence and the Department of Homeland Security.

U.S. officials have said privately that Chinese hackers are behind the hit. But the administration is far off from officially blaming the Asian power for the attack, said Schiff, the top Democrat on the Intel panel

“We continue to make progress in terms of attribution,” he said. “But we’ll have to wait for the point at which the administration feels comfortable making a public attribution. At this point, that’s not something we can do.”

It’s believed Beijing officials are conducting a wide-ranging cyber espionage to create a database on U.S. government employees. Researchers have tied the OPM hack to recent mammoth breaches at health insurance companies, which exposed over 90 million Americans’ data.

The OPM breach may have exposed cabinet-level officials’ data, and White House cybersecurity coordinator Michael Daniel acknowledged his information was possibly stolen in one of the health insurer hacks.

Chinese officials could use this database to launch future phishing attacks, imitate officials, blackmail workers or infiltrate sensitive accounts.

How much that database could grow from the OPM hack is still to be determined, Schiff said.

“I don’t know if the number 4 million will grow, but of course whatever information is in a personnel file may involve other people [outside the government] as well,” he said. “To that extent you could say that the number impacted is more than 4 million.”

— Updated 7:28 p.m.