Wyden, Cotton call for policy alerting senators of cyber breaches

Wyden, Cotton call for policy alerting senators of cyber breaches
© Stefani Reynolds

A bipartisan pair of senators on the Senate Intelligence Committee is requesting that the Senate sergeant at arms quickly inform Senate leadership of any cyber breaches of Senate computers.

Sens. Ron WydenRonald (Ron) Lee WydenTrump trade deal likely to sow division in Democratic presidential field House GOP unveils alternative drug pricing measure ahead of Pelosi vote Pelosi gets standing ovation at Kennedy Center Honors MORE (D-Ore.) and Tom CottonThomas (Tom) Bryant CottonTikTok chief cancels Capitol Hill meetings, inflaming tensions Lawsuits pose new challenge for TikTok TikTok's leader to meet with lawmakers next week MORE (R-Ark.) noted in a letter sent Wednesday to Senate Sergeant at Arms Michael Stenger that Congress currently has no requirement to reveal any cyber breaches to its own systems.

“We believe that the lack of data regarding successful cyber attacks against the Congress has contributed to the absence of debate regarding congressional cybersecurity — this must change,” the letter reads.


“Each U.S. Senator deserves to know, and has a responsibility to know, if and how many times Senate computers have been hacked, and whether the Senate’s existing cybersecurity measures are sufficient to protect both the integrity of this institution and the sensitive data with which it has been entrusted.”

Cotton and Wyden requested that the office start issuing an annual report to senators about the number of Senate computers that have been compromised and when hackers have obtained “sensitive Senate data.”

And they asked the office to adopt a policy of informing Senate leadership and the Senate Intelligence Committee about any breach of a Senate computer within 5 days of the breach’s discovery.

Wyden has previously pushed for Congress to take on cybersecurity measures to protect its systems from hackers. He revealed in a letter last year that hackers had targeted the personal email accounts of senators and Senate staffers, but noted that the sergeant at arms apparently lacked the authority to offer cybersecurity protections for personal accounts and devices.

Google confirmed at the time that it had informed Senate staff of the attempted breaches, but declined to say whether any of the hacking attempts were successful.